Path-Safe: Enabling Dynamic Mandatory Access Controls Using Security Tokens

Deploying Mandatory Access Controls (MAC) is a promising way to provide host protection against malware. Unfortunately, current implementations lack the flexibility to adapt to emergent malware threats and are known for being difficult to configure. To address this limitation, we have devised a MAC method that uses encrypted security tokens to allow policy configurations to be redeployed in real time without the need to stop a running process. This work also develops Path-Safe, a MAC security system that focuses on protecting filesystem access from unauthorized processes and malware. We show that our security system can mitigate real-world malware threats with low overhead and high accuracy.

Chapter, 2024