Research of Mac OS X Endpoint Data Leak Prevention
Author | WangFang |
Tutor | HanTao |
School | Huazhong University of Science and Technology |
Course | Communication and Information System |
Keywords | Data Leak Prevention; Mac OS X; Reverse Engineering; Code Injection |
CLC | TP309.2 |
Type | Master's thesis |
Year | 2013 |
Mac OS X has become increasingly popular with personal customers over the past few years, benefiting from its aesthetics, security, reliability and user-friendliness. With the continuous updates to Mac OS X, its enterprise functionality is also improving, and it now provides many enterprise features such as joining an Active Directory domain. More and more enterprise customers are starting to deploy Mac OS X in their production environments. Compared to personal customers, enterprise customers have critical data security requirements because of the large amount of confidential data in the production environment. Currently, the market does not have a mature and reliable endpoint data leak prevention product for Mac OS X. This thesis focuses on the research of Mac OS X endpoint data leak prevention to meet this demand.

This thesis first introduces the routes of data leakage and the concept of data leak prevention on the endpoint. It then analyzes the possible data leak routes on Mac OS X in light of the characteristics of Mac OS X. An overall architecture for Mac OS X endpoint data leak prevention is designed based on this analysis, and several key technologies are developed in order to implement the design. The key technologies are reverse engineering, function hooking, code injection, inter-process communication and access control. Reverse engineering and function hooking can be handled with traditional approaches but need extra effort because of the unique structure of Mac OS X applications. Code injection, inter-process communication and access control are difficult to implement because of the security features of Mac OS X and the absence of technical support. This thesis resolves these problems by studying the low-level functionality of Mac OS X and making use of unexplored features in the execution of the related functions. Finally, the design is implemented and tested to verify its feasibility.

The main focus of this thesis is the research into the key technologies needed to implement Mac OS X endpoint data leak prevention.