SMARTCOP - A smart card based access control for the protection of network security components

Abstract

The protection of network security components, such as firewalls and Intrusion Detection Systems, is a serious problem which, if not solved, may lead a remote adversary to compromise the security of other components, and even to obtain the control of the system itself. We are actually working on the development of a kernel based access control method, which intercepts and cancels forbidden system calls potentially launched by a remote attacker. This way, even if the attacker gains administration permissions, she will not achieve her purpose. To solve the administration constraints of our approach, we use a smart card based authentication mechanism for ensuring the administrator's identity. In this paper, we present an enhanced version of our authentication mechanism, based on a public key cryptographic protocol. Through this protocol, our protection module efficiently verifies administrator's actions before granting her the privileges to manipulate a component. © Springer-Verlag Berlin Heidelberg 2006.