Reference monitor implementing method of high safety grade operating system

A security level and operating system technology, applied in the field of non-bypassable reference monitor implementation, can solve the problems that the reference verification mechanism cannot be bypassed, etc., to improve security and service capabilities, ensure effectiveness, and meet security requirements required effect

Inactive Publication Date: 2008-05-07
NANJING UNIV
View PDF0 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In fact, security is not a simple superposition of security functions, so it ca

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Reference monitor implementing method of high safety grade operating system
  • Reference monitor implementing method of high safety grade operating system
  • Reference monitor implementing method of high safety grade operating system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0013] As shown in Figure 1, in the reference monitor structure of the present invention, each security service is interrelated to realize arbitration and monitoring that cannot bypass access control. The design purpose and function of each service are described as follows. The user process makes an access control request to the object manager, and receives the result of the object manager's implementation of access control. The authentication server is responsible for verifying the identity of the principal represented by the user process. Important security servers are started by the server loader in a safe and credible manner after the integrity check is performed, and the server loader is also responsible for the configuration and management of trusted servers. The enforcer has the ability to control all requests sent to the server, intercepts all user requests, and realizes the characteristics of comprehensive verification. It is the basis of the access control subsystem ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates a method which can realize reference monitors of high level secure operating system, mainly comprising: (1) the structure of a reference monitor; (2) the realization of the controlling of microkernel IPC communications; (3) the initiated process according to the security services needed by the reference monitor. The structure of the reference monitor comprises that the structure reference monitor bases on a microkernel with enhanced security while all service procedures and user applications are out of the microkernel; the inter-process communication (IPC) is the only way for applications to acquire service and access resources and for the interactions between servers. Making use of the structure of the reference monitor to limit the communications between users and acquire system service, the invention enforces of the security verification strategy of access control to avoid authentification bypass, having guaranteed the validity of the utilization and protection of the system resources by the reference monitor and thus improved the safety and service ability of the system. The invention satisfies the security requirements of high-level operating system.

Description

technical field [0001] The invention relates to a safety kernel of an operating system with a high safety level, in particular to an implementation method of a non-bypassable reference monitor. Background technique [0002] The security operating system is the foundation of the entire information system security. The key goal of a secure operating system is to provide the strongest possible access control and audit mechanism, implement scheduling in compliance with security policies between application programs and system hardware and software resources, and restrict illegal access. The non-bypassable reference monitor is an important guarantee for a secure operating system, and can be used in information systems in important fields such as government, military, and national defense to improve the support capabilities of important information systems. [0003] Most traditional operating systems are designed and implemented based on various practical functional requirements ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): G06F21/22G06F21/62
Inventor 曾庆凯王友荣黄达明
Owner NANJING UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap