Device and method for controlling mandatory access based on Windows platform

A mandatory access control technology for the Windows platform, applied in platform integrity maintenance, computer security devices, instruments, etc., which can solve problems such as the insufficient monitoring provided by discretionary access control mechanisms.

Inactive Publication Date: 2012-07-04
SUZHOU LINGXIAO TECH

AI Technical Summary

Problems solved by technology

[0003] The purpose of the present invention is to provide a mandatory access control system based on the Windows platform, which solv


Examples


Embodiment

[0071] Example Implementation of Mandatory Access Control for Windows

[0072] The following embodiment implements the security hardening process on the Windows platform. The basic technical solution it adopts is as described above and includes a monitoring module and a core security server; the block diagram of the control device is shown in Figure 1.

[0073] The mandatory access control device based on the Windows platform is implemented in the form of a driver. Once the driver is loaded successfully, it becomes an integral part of the Windows kernel, similar to the concept of patches in the Linux system. Its memory space is shared by all processes, which makes it possible to monitor all access to kernel objects.

[0074] The following takes monitoring of the process-creation function as an example to introduce process monitoring:

[0075] The process startup module is mainly to hook the two ...


Abstract

The invention discloses a device and method for mandatory access control based on the Windows platform. The device comprises a monitoring module and is characterized in that access control over processes, files and the registry can be realized on the Windows platform: access requests from a subject to an object are intercepted and passed to a core security server for a security decision; the core security server judges the permission according to the security rules of mandatory access control and returns the result to the monitoring module, so that mandatory access control is realized. With the disclosed device and method, an access control decision on a Windows system does not depend on the subject; whether access is allowed is determined by comparing the security identifiers of the subject and the object under a security policy. The disclosed device is compatible with the discretionary access control mechanism built into Windows and provides a higher security level than the original mechanism.
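
An added illustration, not code from the patent: a user-mode C model of the decision path the abstract describes, in which the monitoring module passes an intercepted request to the core security server and the server compares the subject's and object's security identifiers against policy. The label names, the rule table, the default-deny behaviour and the rule that the native discretionary check must also permit the access are assumptions made for this example.

```c
/* Added example: labels, rules and names are constructed for illustration. */
#include <stdio.h>
#include <string.h>

typedef enum { OBJ_PROCESS, OBJ_FILE, OBJ_REGISTRY } obj_kind;
enum { OP_READ = 1, OP_WRITE = 2, OP_EXEC = 4 };

typedef struct {              /* request intercepted by the monitoring module */
    const char *subj_label;   /* security identifier of the subject */
    const char *obj_label;    /* security identifier of the object */
    obj_kind kind;            /* process, file or registry object */
    unsigned op;              /* requested operation bits */
    unsigned dac_granted;     /* what the native discretionary check allows */
} access_req;

typedef struct { const char *subj, *obj; obj_kind kind; unsigned allowed; } mac_rule;

/* Constructed policy (assumption): only listed label pairs get access. */
static const mac_rule POLICY[] = {
    { "browser_t", "user_doc_t", OBJ_FILE,     OP_READ },
    { "browser_t", "download_t", OBJ_FILE,     OP_READ | OP_WRITE },
    { "admin_t",   "sys_conf_t", OBJ_REGISTRY, OP_READ | OP_WRITE },
    { "admin_t",   "service_t",  OBJ_PROCESS,  OP_EXEC },
};

/* Core security server: the verdict depends only on labels and policy. */
static int server_decide(const access_req *r) {
    for (size_t i = 0; i < sizeof POLICY / sizeof POLICY[0]; i++) {
        const mac_rule *p = &POLICY[i];
        if (p->kind == r->kind && !strcmp(p->subj, r->subj_label) &&
            !strcmp(p->obj, r->obj_label))
            return (r->op & ~p->allowed) == 0;  /* every requested bit allowed */
    }
    return 0;                                   /* no matching rule: deny */
}

/* Monitoring module: MAC verdict first, then the DAC result must also agree. */
int monitor_check(const access_req *r) {
    if (r->op == 0 || !server_decide(r)) return 0;
    return (r->op & ~r->dac_granted) == 0;
}

int main(void) {
    access_req w = { "browser_t", "user_doc_t", OBJ_FILE, OP_WRITE, OP_READ | OP_WRITE };
    access_req r = { "browser_t", "user_doc_t", OBJ_FILE, OP_READ, OP_READ };
    printf("write=%d read=%d\n", monitor_check(&w), monitor_check(&r));
    return 0;
}
```

The write request is refused even though the discretionary check would grant it, which is the property the abstract claims: the decision does not depend on what the subject or object owner has chosen to allow.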

Description

Technical field

[0001] The invention belongs to the field of secure operating systems and relates to a Windows system security hardening method, in particular to a Windows platform-based mandatory access control system and control method, which can realize mandatory access control on the Windows system.

Background technique

[0002] Windows is one of the most widely used operating systems today, and its security has become a concern for the majority of users. The built-in access control function of the Windows operating system is the core of the Windows security mechanism. It controls access to sensitive system resources through the key components of the security subsystem. The basic idea of the discretionary access control mechanism is that the subject who owns an object can freely assign access rights on that object to other subjects. This mechanism gives the owning user great autonomy and flexibility, but the secu...


Application Information

IPC(8): G06F21/00, G06F21/57
Inventor 杨峰陶园李桄宇
Owner SUZHOU LINGXIAO TECH