SMACK-based Application Whitelisting on AGL
Application whitelisting is a technology that allows only applications that are explicitly listed in a whitelist to be executed on a computer system. We have implemented two versions of application wh …
| Talk Title | SMACK-based Application Whitelisting on AGL |
| Speakers | Chuan-Yu Cho (Deputy Director of Information & Communication Research Lab, Industrial Technology Research Institute), Che-Hao Liu (Engineer, Industrial Technology Research Institute, Taiwan) |
| Conference | Open Source Summit + Automotive Linux Summit Japan |
| Conf Tag | |
| Location | Tokyo, Japan |
| Date | Jul 17-19, 2019 |
| URL | Talk Page |
| Slides | Talk Slides |
| Video | |
Application whitelisting is a technology that allows only applications that are explicitly listed in a whitelist to be executed on a computer system. We have implemented two versions of application whitelisting, one requiring system call interception and kernel modification, and the other requiring only SMACK rule configuration and user-level programming. In this talk, we will detail the SMACK-based application whitelisting implementation, and compare these two implementations in terms of their functionalities, system stability, development efforts, and run-time performance overheads.
