Maia and Mandos: Tools for Integrity Protection on Arbitrary Files

Author

Paul J. Bonamy, Michigan Technological UniversityFollow

Date of Award

2016

Document Type

Open Access Dissertation

Degree Name

Doctor of Philosophy in Computer Science (PhD)

Administrative Home Department

Department of Computer Science

Advisor 1

Jean Mayo

Advisor 2

Steve Carr

Committee Member 1

Ali Ebnenasir

Committee Member 2

Xinli Wang

Committee Member 3

Zijiang Yang

Abstract

We present the results of our dissertation research, which focuses on practical means of protecting system data integrity. In particular, we present Maia, a language for describing integrity constraints on arbitrary file types, and Mandos, a Linux Security Module which uses verify-on-close to enforce mandatory integrity guarantees. We also provide details of a Maia-based verifier generator, demonstrate that Maia and Mandos introduce minimal delay in performing their tasks, and include a selection of sample Maia specifications.

Recommended Citation

Bonamy, Paul J., "Maia and Mandos: Tools for Integrity Protection on Arbitrary Files", Open Access Dissertation, Michigan Technological University, 2016.

https://doi.org/10.37099/mtu.dc.etdr/122