Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

a reinforcement system

A technology of subsystems and roles, applied in the field of security enhancement systems, which can solve the problems of lack of control, the inability of the system to take sufficient security measures, and the lack of sufficient or sufficient security mechanisms and measures to achieve the effect of integrity protection

Active Publication Date: 2016-08-03
中铁信息工程集团有限公司 +1
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The flaws in the security structure of the commercial UNIX system allow hackers or other attackers to invade the system through the system back door, run illegal programs, destroy the normal service of the system, or access business-sensitive data without permission; at the same time, the coding flaws in the software engineering of the system cause the system to exist. Overflow attack vulnerabilities, these vulnerabilities can allow attackers to obtain uncontrolled permissions, bypass the inspection of system security mechanisms, and evade system audits
[0003] Commercial UNIX systems also have insufficient security strength in terms of user identity and account management, which may lead to the theft and fraudulent use of legitimate user identities, thereby bringing security risks such as illegal access
In addition, commercial UNIX systems cannot well support the security principles of "least privilege" and "privilege separation" in terms of security management permissions. System administrators or super users have uncontrolled permissions. Once these management identities and roles are illegally stolen or malicious use, the system cannot take adequate security measures to protect itself, and cannot track these behaviors
[0004] In addition, the commercial UNIX system still lacks sufficient or sufficient security mechanism measures, and it is difficult to meet the high-intensity protection requirements of users for important applications or sensitive information
For example, in industries such as railways and electric power, their management and organizational structures often have clear superior-subordinate levels and departmental relationships. This management level and departmental relationship will also be mapped to related business systems. However, general commercial UNIX systems do not have the same Therefore, it is difficult to meet the security protection and management requirements for important system resources or sensitive information
[0005] On the one hand, commercial UNIX systems have the above major security weaknesses; on the other hand, operating system security products developed by foreign commercial UNIX system manufacturers cannot meet the requirements of our national information security in terms of technical functions and policies

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • a reinforcement system
  • a reinforcement system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit the present invention.

[0023] Such as figure 1 The reinforcement system of the present invention shown is on the UNIX operating system, under the application program, which includes: two-factor authentication subsystem; mandatory access control subsystem based on security token; executable code protection verification execution subsystem; remaining Information protection subsystem; role-based authority management subsystem; security audit subsystem; built-in LDAP directory service subsystem; two-factor authentication subsystem verifies user identity. Under the control of the subsystem, the operation is carried out. Amon...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a reinforcement system, which includes: a two-factor identity verification subsystem, a mandatory access control subsystem based on security marks, an executable code protection verification execution subsystem, a residual information protection subsystem, and role-based authority management Subsystem, security audit subsystem, built-in LDAP directory service subsystem; under the joint action of these subsystems, it adds mandatory access control, two-factor authentication, anti-object reuse, system and Security functions such as application integrity protection and important data protection meet the technical requirements for hierarchical protection of important information systems such as railways and electric power, and provide a security enhancement system for key business applications with a safe and reliable operating environment.

Description

technical field [0001] The invention relates to a UNIX upper layer middleware system, in particular to a UNIX security enhancement system. Background technique [0002] Commercial UNIX systems are used in many users' key business information systems, but as their applications mature, their security weaknesses are constantly exposed and exploited, bringing security risks to users' businesses. Among these security weaknesses, the security flaws in the system structure are the most fundamental. The flaws in the security structure of the commercial UNIX system allow hackers or other attackers to invade the system through the system back door, run illegal programs, destroy the normal service of the system, or access business-sensitive data without permission; at the same time, the coding flaws in the software engineering of the system cause the system to exist. Overflow attack vulnerabilities, these vulnerabilities can allow attackers to obtain uncontrolled permissions, bypass t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/71G06F21/31G06F21/33G06F21/45
Inventor 白竟李毓才刘刚葛维孙绍钢李晓勇
Owner 中铁信息工程集团有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products