Il-Pyung Park

Radio software download for commercial wireless reconfigurable devices

Commercial wireless end user terminals are becoming increasingly complex in order to integrate in a common package distinct separate capabilities formerly implemented in multiple single-function, single-band devices. Software is an increasingly important aspect of these complex terminals. The increased amount of software installed in wireless devices includes both application software and operational software, such as radio software used to implement software-defined radio capabilities. A resulting need is to be able to upgrade these wireless devices through software download in order to incorporate new capabilities and fix software deficiencies.

Social certificates and trust negotiation

When participating in online communities and ad hoc interactions, peer trust is based on societal relationships where identity alone is typically insufficient. We propose a new method for automatic establishment of peer trust that is suitable for peer-topeer and ad-hoc networking applications which overcomes the shortcomings of existing approaches. This method includes a new type of property-based certificate which we call a Social Certificate, and a new approach for trust negotiation in which privacy is assured by isolating the negotiation using a Secure Trust Negotiation Agent. Each Secure agent acts as the negotiator for its peer, upholding the peers trust negotiation policies while keeping shared information secret. We describe these new methods and the security technology underpinning the Secure Trust Negotiation Agent.

Applicability of low water-mark mandatory access control security in Linux-based advanced networked consumer electronics

Linux is an open source operating system that is rapidly gaining popularity in consumer electronic devices, especially in digital audio and video devices. However, with its success in the market, there is a greater need for security. We present a Trojan attack scenario that compromises the security of a Linux-based networked appliance. Then, we demonstrate how a simple low water-mark mandatory access control (LOMAC) module can protect the system against such attacks. However, LOMAC implements this access control by interposition at the kernels system call interface and uses implicit attribute mapping to map security attributes to files, which is invasive. We present a LOMAC implementation as a Linux security module (LSM), a new framework for providing standard interfaces to loadable security modules for the Linux kernel.

An operating system security method for integrity and privacy protection in consumer electronics

Linux is an open source operating system that is rapidly gaining popularity in consumer electronic devices. It has started being deployed in mobile phones and digital audio and video devices. However, with its success in the market, there is a greater need for security. The traditional Discretionary Access Control (DAC) model does not provide adequate security support. Mandatory Access Control (MAC) models can provide additional security in addition to the DAC scheme. However, some of the existing MAC schemes are too complex to be used in embedded devices, while others are simple yet do not provide fine-grained access control. In this paper, we present a MAC model that grants subjects permissions based on their past behavior. It is simple but it also provides a fine-grained access control to the operating system. With its small footprint, it can be applied to various systems, including embedded devices.