Title: Accountable administration in operating systems

Authors: Lei Zeng; Hui Chen; Yang Xiao

Addresses: Department of Computer Science, The University of Alabama, Tuscaloosa, AL, 35487-0920, USA; Department of Engineering and Computer Science, Virginia State University, Petersburg, VA, 23806, USA; Department of Computer Science, The University of Alabama, Tuscaloosa, AL, 35487-0920, USA

Abstract: Many security models and systems are based on the assumption that super users must be trusted. It is difficult to hold super users accountable because they can erase any logs of their activities and impersonate other users. This work proposes an accountable system administration model for operating systems where the notion of super users is removed and all system administrators must be held accountable for their activities even if they are untrustworthy. The model is built upon the premise that such a system has multiple peer system administrators, and the peer system administrators ensure the logs of their activities are preserved and audited. The accountability policy and operating system primitives are designed and constructed so that the proposed model is provable. An enforcement mechanism that instantiates the model and enforces the policy is designed and implemented in Linux, a real-world operating system.

Keywords: accountability; operating system; system administration; logging; OS security.

DOI: 10.1504/IJICS.2017.085134

International Journal of Information and Computer Security, 2017 Vol.9 No.3, pp.157 - 179

Received: 29 Apr 2015
Accepted: 02 Feb 2016

Published online: 13 Jul 2017
