Stephen D. Wolthusen
Fraunhofer-IGD, Security Technology Department
Germany

This paper discusses a potential security issue in common operating system and application environments regarding dynamically attached devices and device interfaces.

A set of countermeasures for the identified threats is described along with the integration of countermeasures into a policy-based security infrastructure; finally, an implementation of the countermeasure in the form of a policy enforcement module integrated into the kernel of the Microsoft Windows 2000/XP family of operating systems is described.

Keywords: interface protection, operating system security, protocol analysis

Read Paper (in PDF)