Show simple item record

dc.contributor.advisorGanapathy, Vinod
dc.contributor.authorGameti, Chinmay
dc.date.accessioned2024-02-12T09:07:48Z
dc.date.available2024-02-12T09:07:48Z
dc.date.submitted2024
dc.identifier.urihttps://etd.iisc.ac.in/handle/2005/6410
dc.description.abstractThe Robot Operating System (ROS) is a popular open-source middleware widely used in the robotics community. While ROS provides extensive support for robotic application develop- ment, it lacks certain fundamental security features, making ROS-based systems vulnerable to attacks that can compromise the application and user security. To address these challenges, ROS incorporates security plugins and libraries to protect against unauthorized access and en- sure secure communication between ROS applications. However, these user-level security tools do not protect end-to-end information flow against operating system (OS)-level attacks. This research introduces FlowROS, a decentralized information flow control (DIFC) system for ROS. FlowROS empowers ROS applications with fine-grained control over their sensitive information, providing a programmable interface and supporting explicit label propagation for modified ROS applications. FlowROS also leverages implicit label propagation for backward compatibility with unmodified ROS applications while guaranteeing end-to-end information flow control, including secrecy and integrity requirements. The implementation of FlowROS includes a kernel-level enforcement engine based on Linux security modules (LSM) to intercept sensitive communications within the system. The contributions of this research include identifying the limitations of mandatory access control (MAC)-based policy frameworks in ROS, motivating the need for DIFC systems in robotics platforms, presenting FlowROS as a practical DIFC solution for ROS applications, addressing the inherent DIFC challenge in ROS, and demonstrating the robustness, security, and performance of FlowROS through case studies, evaluations, and practical policies. Overall, FlowROS enhances the security of ROS-based systems by providing ROS applica- tions explicit control over the flow of their sensitive information, mitigating vulnerabilities, and protecting against accidental data disclosure.en_US
dc.language.isoen_USen_US
dc.relation.ispartofseries;ET00420
dc.rightsI grant Indian Institute of Science the right to archive and to make available my thesis or dissertation in whole or in part in all forms of media, now hereafter known. I retain all proprietary rights, such as patent rights. I also retain the right to use in future works (such as articles or books) all or part of this thesis or dissertationen_US
dc.subjectRobot Operating Systemen_US
dc.subjectFlowROSen_US
dc.subjectLinux security modulesen_US
dc.subject.classificationResearch Subject Categories::TECHNOLOGY::Information technology::Computer scienceen_US
dc.titleDecentralized information flow control for the robot operating systemen_US
dc.typeThesisen_US
dc.degree.nameMTech (Res)en_US
dc.degree.levelMastersen_US
dc.degree.grantorIndian Institute of Scienceen_US
dc.degree.disciplineEngineeringen_US


Files in this item

This item appears in the following Collection(s)

Show simple item record