Reinforcing system

A technology of subsystems and roles, applied in the field of security enhancement systems, can solve problems such as no control, untraceability, lack of sufficient or sufficient strength of security mechanisms, etc., to achieve the effect of integrity protection

Active Publication Date: 2012-06-06
中铁信息工程集团有限公司 +1
View PDF4 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The flaws in the security structure of the commercial UNIX system allow hackers or other attackers to invade the system through the system back door, run illegal programs, destroy the normal service of the system, or access business-sensitive data without permission; at the same time, the coding flaws in the software engineering of the system cause the system to exist. Overflow attack vulnerabilities, these vulnerabilities can allow attackers to obtain uncontrolled permissions, bypass the inspection of system security mechanisms, and evade system audits
[0003] Commercial UNIX systems also have insufficient security strength in terms of user identity and account management, which may lead to the theft and fraudulent use of legitimate user identities, thereby bringing security risks such as illegal access
In addition, commercial UNIX systems cannot well support the security principles of "least privilege" and "privilege separation" in terms of security management permissions. System administrators or super users have uncontrolled permissions. Once these management identities and roles are illegally stolen or malicious use, the system cannot take adequate security measures to protect itself, and cannot track these behaviors
[0004] In addition, the commercial UNIX system still lacks sufficient or sufficient security mechanism measures, and it is difficult to meet the high-intensity protection requirements of users for important applications or sensitive information
For example, in industries such as railways and electric power, their management and organizational structures often have clear superior-subordinate levels and departmental relationships. This management level and departmental relationship will also be mapped to related business systems. However, general commercial UNIX systems do not have the same Therefore, it is difficult to meet the security protection and management requirements for important system resources or sensitive information
[0005] On the one hand, commercial UNIX systems have the above major security weaknesses; on the other hand, operating system security products developed by foreign commercial UNIX system manufacturers cannot meet the requirements of our national information security in terms of technical functions and policies

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Reinforcing system
  • Reinforcing system
  • Reinforcing system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0023] Such as figure 1 The reinforcement system of the present invention shown is on the UNIX operating system, under the application program, which includes: two-factor authentication subsystem; mandatory access control subsystem based on security token; executable code protection verification execution subsystem; remaining Information protection subsystem; role-based authority management subsystem; security audit subsystem; built-in LDAP directory service subsystem; two-factor authentication subsystem verifies user identity. Under the control of the subsystem, the operation is carried out. Amon...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a reinforcing system, which comprises a dual-factor authentication sub system, a mandatory access control sub system based on safety marks, a protection verification executing sub system capable of executing codes, a remaining information protection sub system, an authority management sub system based on roles, a security auditing sub system and a built-in lightweight directory access protocol (LDAP) directory service sub system. Under the simultaneous effects of the sub systems, security functions such as mandatory access control, dual-factor authentication, object reuse prevention, system and application program completeness protection and important data protection which are not realized by an ordinary commercial uniplexed information and computering service (UNIX) operation system, the classification protection technical requirements of important information systems of railways, electric power and the like are met, and the reinforcing system belongs to the security reinforcing system providing safe and reliable operation environment for key business application.

Description

technical field [0001] The invention relates to a UNIX upper layer middleware system, in particular to a UNIX security enhancement system. Background technique [0002] Commercial UNIX systems are used in many users' key business information systems, but as their applications mature, their security weaknesses are constantly exposed and exploited, bringing security risks to users' businesses. Among these security weaknesses, the security flaws in the system structure are the most fundamental. The flaws in the security structure of the commercial UNIX system allow hackers or other attackers to invade the system through the system back door, run illegal programs, destroy the normal service of the system, or access business-sensitive data without permission; at the same time, the coding flaws in the software engineering of the system cause the system to exist. Overflow attack vulnerabilities, these vulnerabilities can allow attackers to obtain uncontrolled permissions, bypass t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/22G06F21/31G06F21/33G06F21/45
Inventor 白竟李毓才刘刚葛维孙绍钢李晓勇
Owner 中铁信息工程集团有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products