Access control method for operation system and implementation platform thereof

An operating system and access control technology, applied in program control devices, platform integrity maintenance, instruments, etc., can solve the problem that access control modules are difficult to implement in multiple systems, and achieve the effect of convenient and safe configuration

Inactive Publication Date: 2010-06-09
苏州昂信科技有限公司
View PDF0 Cites 30 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

These projects target a single operating system, making it difficult to implement access control modules on multiple systems

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Access control method for operation system and implementation platform thereof
  • Access control method for operation system and implementation platform thereof
  • Access control method for operation system and implementation platform thereof

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0022] In access control, the subject generally represents the initiator of the action, and the object represents the recipient of the action. For a computer, the subject generally refers to a process, while the object generally refers to resources such as processes, files or Sockets.

[0023] For "security label" or "security context", the concept is the label of the security model, which is the basis for the security model to judge the authority. In the present invention, "security context" (context) is used for description. Each security model has its own security context. For the subject and object in the operating system, its security context is the collection of security contexts of each security model loaded in the system. For example, in a system implementing the BLP and BIBA model, the BLP level of process A is 1, and the BIBA level is 5, then the security context of process A is the set {1, 5} of BLP and BIBA security contexts.

[0024] For a security model, the ba...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to an access control method for an operation system and an implementation platform thereof. The platform comprises an operation system Hook layer, a platform abstraction layer and a core security server. The operation system Hook layer transmits an intercepted request to the core security server; a strategy caching module queries the request, and judges whether the same request exists; if the same request exists, the request is executed; if the same request does not exist, a strategy managing module is queried, whether the access permission of the request exists is judged according to the security rule of the operation system security model which is saved in a strategy database; if the access permission of the request exists, the request is stored in a cache and executed; and if the access permission of the request does not exist, the request is refused. The invention provides the flexible access control platform which can be applied to various operation systems, and provides a unified strategy configuration method which can be conveniently implemented on the various operation systems.

Description

technical field [0001] The invention relates to an access control method of an operating system and its implementation platform, which is applicable to the access control method and platform for multiple operating systems, and solves the problem of repeatedly writing access control modules when adding access control to multiple operating systems , a security hardening method independent of the operating system is proposed. Background technique [0002] At present, mainstream operating systems do not fully support access control. For example, systems such as Linux and Windows only support autonomous access control, and generally lack support for mandatory access control. Therefore, it is necessary to add access control mechanisms to various systems to strengthen the security of the system. safety. At present, the implementation of access control on the operating system is generally aimed at a single system. For example, the SELinux project of the US National Security Agency ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/00G06F9/44G06F21/50
Inventor 龚育昌赵振西杨峰胡大磊贾刚勇胡楠余艳玮
Owner 苏州昂信科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap