Method for detecting Solaris system fault by utilizing mandatory access control

A technique that applies mandatory access control to system fault detection, applicable to transmission systems, digital transmission systems, electrical components and similar fields. It addresses problems such as insecure network applications, missing key files and the lack of integrity protection for audit data, with the effect of ensuring security.

Inactive Publication Date: 2010-09-08
LANGCHAO ELECTRONIC INFORMATION IND CO LTD
1 Cites, 10 Cited by

AI Technical Summary

Problems solved by technology

[0009] Users get the right to use system files when they enter the system. File access is only controlled by setting file access permissions. The system has no mandatory security access control mechanism, which opens the door for attackers.
[0010] (4) A large number of processes have super user privileges
[0012] (5) The audit protection function is weak
[0013] Although Solaris provides auditing functions, access to audit data is almost unrestricted: it can be freely queried and modified, and in particular there is no integrity protection for audit data.
[0014] (6) Insecurity of network applications
[0021] (1) Some key files are missing or deleted by mistake, such as boot files
[0022] (2) The configuration file is maliciously changed, such as the network parameters of the server, etc.
[0023] (3) A malicious driver is loaded


Examples


Embodiment Construction

[0039] The method of the present invention is described in detail below with reference to the accompanying drawings.

[0040] It mainly consists of the following modules:

[0041] 1. Mandatory access control MAC

[0042] Mandatory access control MAC is divided into two parts: one is based on the user's access control to files, and the other is based on the process's access control to files. The process is bound to the user principal when it is running, so the process itself is also a principal. When an object is protected by a security token, even the root user cannot access the object unless it has MAC permissions.

[0043] 2. Anti-abnormal termination of important system processes

[0044] In order to prevent hackers from terminating some important system processes, a set of mechanisms is provided to prevent some important processes from being terminated abnormally by anyone, thus ensuring the normal operation of the service.

[0045] 3. User network mandatory access con...

Abstract

The invention provides a fault detection technique for the Solaris system that uses mandatory access control to handle Solaris operating system faults quickly and to locate the fault point quickly. Compared with traditional security measures based on the least-privilege model, detecting system faults through mandatory access control quickly detects and locates faults caused by attacks on the Solaris system, including known or unknown virus programs, rootkit-level backdoor Trojan horses and the like. Mandatory access control (MAC) is divided into two parts: one is access control to files based on the user, and the other is access control to files based on the process. A process is bound to a user when it runs, so the process itself is also a subject. When an object is protected by a security mark, even the root user cannot access the object unless it has MAC permission.
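The access decision described above, sketched as an added C example (not code from the patent): a write to an object carrying a security mark must match both a user grant and a process grant, with no exemption for root, and each denial is recorded so that the record names the user, process and file at the fault point. All struct, function and path names, and the rule that both grants must match, are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
/* Added model, not the patent's code: names, paths and the rule that the
 * user grant AND the process grant must both match are assumptions. */
enum verdict { ALLOW, DENY_DAC, DENY_MAC_USER, DENY_MAC_PROC };
struct subject { unsigned uid; const char *proc; };
struct object {
    const char *path;
    unsigned owner;        /* DAC: owner or uid 0 may write */
    int labelled;          /* 1 = protected by a security mark */
    unsigned mac_uid;      /* MAC part 1: user allowed to write */
    const char *mac_proc;  /* MAC part 2: process allowed to write */
};
struct denial { const char *path; struct subject who; enum verdict why; };
static struct denial audit[16];   /* each denial names a fault point */
static int audit_len;

static enum verdict check_write(const struct subject *s, const struct object *o)
{
    enum verdict v = ALLOW;
    if (o->labelled) {                    /* MAC has no root exemption */
        if (s->uid != o->mac_uid)
            v = DENY_MAC_USER;
        else if (strcmp(s->proc, o->mac_proc) != 0)
            v = DENY_MAC_PROC;
    }
    if (v == ALLOW && s->uid != 0 && s->uid != o->owner)
        v = DENY_DAC;                     /* ordinary permission check */
    if (v != ALLOW && audit_len < 16)
        audit[audit_len++] = (struct denial){ .path = o->path, .who = *s, .why = v };
    return v;
}

/* Constructed sample data. */
static const struct object net_conf = { "/protected/net.conf", 100, 1, 100, "netcfgd" };
static const struct object scratch = { "/tmp/scratch", 200, 0, 0, "" };
static const struct subject root_sh = { 0, "sh" };
static const struct subject adm_vi = { 100, "vi" };
static const struct subject adm_cfg = { 100, "netcfgd" };

int main(void)
{
    check_write(&root_sh, &scratch);   /* allowed: root bypasses DAC */
    check_write(&root_sh, &net_conf);  /* denied: the mark outranks root */
    check_write(&adm_vi, &net_conf);   /* denied: right user, wrong process */
    check_write(&adm_cfg, &net_conf);  /* allowed: user and process match */
    for (int i = 0; i < audit_len; i++)
        printf("DENY why=%d uid=%u proc=%s path=%s\n", audit[i].why,
               audit[i].who.uid, audit[i].who.proc, audit[i].path);
    return 0;
}
```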

Description

Technical field

[0001] The present invention relates to the field of Solaris system kernel reinforcement, especially the communication between the user layer and the system layer. Specifically, it is a method based on ROST (Reinforcement Operating System Technique), the core of which is to reconstruct the operating system's permission access model at the core layer of the Solaris system in order to implement real mandatory access control, so as to handle server failures and quickly locate the failure point and its cause.

Technical background

[0002] The Solaris operating system runs a number of system processes with superuser privileges, giving programs the ability to read and modify things like other processes, memory, and I/O devices. While this gives system processes the permissions they need to perform their tasks, it also gives them unnecessary access to otherwise protected parts of the system. Hackers rely on this elevated privilege to gain superuser access to a computer by exploi...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L12/24
Inventor: 周水波, 宋桂香
Owner: LANGCHAO ELECTRONIC INFORMATION IND CO LTD