Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Technology for detecting fault of Linux system by using mandatory access control

A technology of mandatory access control and system failure, applied in the detection of faulty computer hardware, etc., can solve problems such as weak audit protection, security problems, verification and evaluation

Inactive Publication Date: 2010-09-01
LANGCHAO ELECTRONIC INFORMATION IND CO LTD
View PDF1 Cites 6 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, its security issues have not been verified and evaluated by third parties
[0009] Users get the right to use system files when they enter the system. File access is only controlled by setting file access permissions. The system has no mandatory security access control mechanism, which opens the door for attackers.
[0010] (4) The audit protection function is weak
[0011] Although LINUX provides auditing functions, there are almost no restrictions on the access to audit data, which can be freely queried and modified, especially lacking the integrity protection of audit data
[0012] (5) Insecurity of network applications
These worthless codes are a major security problem in their own right

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Technology for detecting fault of Linux system by using mandatory access control
  • Technology for detecting fault of Linux system by using mandatory access control

Examples

Experimental program
Comparison scheme
Effect test

Embodiment approach

[0034] Add a secure kernel module to the driver layer (layer 0), intercept and record all kernel access paths, so as to meet the technical requirements for handling Linux server failures. The security effect achieved is similar to that of refactoring operating system code technology. The advantage is that it will not affect the customer's business continuity, and even does not require the customer to restart the system. It not only supports all applications on the upper layer, but also supports all systems and machines on the lower layer, and can guarantee the security of upper layer applications at the granularity of the operating system.

[0035] It mainly consists of the following modules:

[0036] 1. Mandatory access control MAC

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides technology for detecting a fault of a Linux system by using mandatory access control. According to the technology, the fault of the Linux operating system is fast processed and a fault point is fast positioned by using the mandatory access control. Compared with conventional security defending and detecting products IDS, anti-virus software and the like, the technology for detecting the fault of the system by using the mandatory access control has the advantages of fast detecting and positioning the faults of the Linux system caused by attacks comprising known or unknown virus programs, ROOTKIT grade backdoor horse and the like.

Description

technical field [0001] The invention relates to the technical field of Linux system kernel reinforcement, in particular to a technique for detecting Linux system faults by using mandatory access control Background technique [0002] Linux is used more and more widely, and its open source code has been widely welcomed. However, its security issues have not been verified and evaluated by a third party. This problem is not obvious when individual users use it, but it becomes the biggest obstacle when government departments and financial departments are preparing to apply this operating system on a large scale. [0003] Its security issues mainly include: [0004] (1) Superuser privileges [0005] A super administrator has too many privileges. He has privileges that other users do not have. Once he obtains super administrator privileges, he can gain complete control over the computer system. [0006] (2) Account management is simple [0007] For intruders, the most direct w...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F11/22
Inventor 周水波宋桂香
Owner LANGCHAO ELECTRONIC INFORMATION IND CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com