The Journal of Supercomputing, Volume 66, Issue 3, pp 1243–1259

Implementation and performance analysis of multilevel security system in pervasive computing environment

  • Zhiyong Tan
  • Duo Liu
  • Xuejun Zhuo
  • Yiqi Dai
  • Laurence T. Yang
Article

Abstract

This paper presents the design and implementation features of Centralized Pervasive Computing Environment/Multilevel Security (CPCE/MLS), a multilevel security (MLS) system for a pervasive computing environment deployed in a local area network (LAN) with a Mandatory Access Control (MAC) mechanism. By introducing server-storage terminals and implementing a multilevel security access control mechanism based on the Bell–LaPadula model, process creation supervision, and an auditing mechanism, the CPCE/MLS system is able to provide a security guarantee for the whole computing environment. As such, each terminal is controlled under an integrated security policy. The performance test results show that the CPCE/MLS system, without optimization, generates great overhead but achieves significantly better performance after a cache mechanism is added in the monitor agent and in the hook driver. The system with the hook driver cache mechanism is able to achieve 95.9% of the throughput of the native system with 8 K and 16 K requested data block sizes.

Keywords

  • Pervasive computing
  • Security
  • Access control
  • Multilevel security
  • BLP (Bell–LaPadula) security model



Copyright information

© Springer Science+Business Media, LLC 2012

Authors and Affiliations

  • Zhiyong Tan (1)
  • Duo Liu (1)
  • Xuejun Zhuo (1)
  • Yiqi Dai (1)
  • Laurence T. Yang (2)

  1. Department of Computer Science and Technology, Tsinghua University, Beijing, China
  2. Department of Computer Science, St Francis Xavier University, Antigonish, Canada
