Risks and Dangers of Security Extensions
2001 (English) Conference paper (Refereed)
Securing computer systems is an increasing concern as more and more systems are connected together in large networks. Traditional operating-system-based protection mechanisms have failed to fully meet the demands of this new situation. To overcome some of the shortcomings of these mechanisms, new types have been developed with the intention of stopping or reducing the impact of the new threats. We would like to call these new mechanisms security extensions, since they are not usually part of the core operating system. However, security extensions often contain sensitive and vital information that also needs to be secured. Usually they are dependent on the security mechanisms of the operating system for their own protection, i.e., they are dependent on the security of a mechanism whose insecurity they are supposed to patch. This is clearly an undesirable situation. We thus argue that security extensions actually add risks and vulnerabilities to the system when the underlying system is insecure or when they are not capable of handling their own security by themselves. In this paper, we discuss and analyze possible vulnerabilities in three types of security extensions, i.e., anti-malware software, firewalls, and intrusion detection systems. We also introduce a crude classification scheme for the different types of risks that the security extensions discussed add to the system.
Place, publisher, year, edition, pages
Bratislava, Slovakia, 2001.
Research subject Computer Science
Identifiers
URN: urn:nbn:se:kau:diva-23118, OAI: oai:DiVA.org:kau-23118, DiVA: diva2:596873
Proceedings of Security and Control of IT in Society-II (IFIP SCITS-II), pages 231-248, Bratislava, Slovakia, June 15-16, 2001