Method for implementing mandatory access control mechanism of security operating system

Abstract

The invention relates to a method for implementing a mandatory access control mechanism of a security operating system, which belongs to the field of the design and implementation of a security operating system. The subject of the security operating system is a security system structure and an access control process. The security system structure requires an operation system to support the mandatory access control mechanism, describe the dependency relationship between hierarchical division and modules in design, be divided into a driving layer, an inner nuclear layer, a system layer and an application layer from the bottom to the top in implementation method and comprise a mandatory access control execution module, a mark management module, a management information processing module, a security initialization module and a storage medium encipherment protection module. The mandatory access control process determines the time and process precedence relationship for implementing the mandatory access control in the security operation system. A support model, a data structure and a hook function specify the details of the implementation. The mandatory access control mechanism is a necessary security function of a high-security operation system. The method can be widely used in the design of high-security operation system.

Description

(1) Technical field [0001] The implementation method of mandatory access control mechanism belongs to the field of safe operating system design and implementation, and is one of the core technologies of information security. (2) Background technology [0002] The operating system is the interface between the application software and the system hardware, and its goal is to use computer resources efficiently, to the maximum extent, and reasonably. The security operating system is to enhance security mechanisms and functions to ensure the confidentiality, integrity and availability of computing resources. Without the support of a secure operating system, the database cannot have the security availability of access control, the security of the network system, and the security of application software information processing. Therefore, the security operating system is the basis of the security of the entire information system. Without the protection of the security operating syst...

AI Technical Summary

Problems solved by technology

Although this method can complete the mandatory access control function, it is more difficult to do so

First, this method has high requirements for the quality of system developers, and it is necessary to go deep into the kernel to understand the key system calls, which is a difficult task; There are many places to modify, which are relatively trivial and prone to confusion, which affects the development speed and process

Images