Abstract
Many computer security systems are considered a burden. Their inherent intrusiveness may often have an impact on the overall system stability and may conflict with a continuous stream of updates to a server operating system and components. Additionally, their complexity, and the lack of sufficient understanding of how to operate them efficiently, leads to subpar utilization of their full potential. We claim that a computer security system must make usability one of its top priorities, arguably the first, to have any chance of being correctly and fully used. In this paper, we describe Starlight, a protection tool that has usability as its core trait. We discuss the tradeoffs between security and usability and how we addressed them. Starlight monitors the behavior of a running system and creates a customized security policy, a set of operating system execution rules that accurately defines the execution boundaries of the system. We demonstrate the capabilities of our system to protect the runtime environments of servers with Linux ® containers, which add kernel exploits risks via exposure to vulnerable or rogue applications.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.