An illegal indirect access prevention method in transparent computing system

Abstract

Transparent computing is a novel network computing paradigm in which operating systems, applications, data, etc. are stored and managed on remote servers, and complex computing tasks are performed on local clients in real time. The unified and professional storage managements on servers make clients capable of owning an intrinsic advantage of storage security. However, due to runtime computing tasks of applications, protecting information flow security in end devices becomes important. In this paper, we propose a secure information flow model and design an information flow search algorithm based on Depth-first-search to prevent illegal access between files in transparent computing local environment. The main idea is to detect indirect access in information flow graph constructed with historic access records at first. Then compare the indirect access with previously designed white list to find out whether there are illegal behaviors. Intercepting access behavior is implemented by a special and secure file filter above file system at kernel level. Algorithm and security analysis show that our work can provide a secure information flow mechanism efficiently.