Operating system nucleus universal access control method supporting entities inside and outside nucleus
A technology of access control and operating system, applied in the protection of internal/peripheral computer components, instruments, electrical digital data processing, etc., can solve security constraints, security mechanisms cannot be combined, and cannot solve security problems, achieving good versatility, Enhanced mandatory access control capabilities and strong scalability
Active Publication Date: 2014-08-06
NAT UNIV OF DEFENSE TECH
View PDF3 Cites 24 Cited by
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
The operating system as the basis of information security protection has long relied on foreign operating system products, such as Microsoft Windows series, Apple's mac os, Android and other operating system products. It is difficult to protect the information security of our country
The Microsoft black screen incident in 2008 and the Prism Gate incident in 2013 fully demonstrated that the use of foreign operating systems + security patches cannot solve the fundamental problem of security
However, because the internal security mechanism of the application itself cannot be combined with its operating platform-operating system, its security protection capability is not high and its foundation is not solid.
Method used
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View moreImage
Smart Image Click on the blue labels to locate them in the text.
Smart ImageViewing Examples
Examples
Experimental program
Comparison scheme
Effect test
Embodiment Construction
[0042] Such as figure 1 As shown, the implementation steps of the unified access control method for the operating system kernel supporting internal and external entities in the embodiment of the present invention are as follows:
[0043] 1) The kernel access control interface and rules that implement mandatory control of the access rights of kernel entities in the operating system kernel. The operating system kernel implements mandatory access control to entities in the operating system kernel based on the kernel access control interface and rules;
[0044] 2) Based on the kernel access control interface and rules, provide the outer-core application program outside the core of the operating system with an outer-core entity control interface corresponding to the kernel access control interface, and support the outer-core application program to control its own internal entities through the outer-core entity control interface The access operation of the operating system implement...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More PUM
Login to View More Abstract
The invention discloses an operating system nucleus universal access control method supporting entities inside and outside a nucleus. The method comprises the following implementation steps: (1) implementing an access control interface and a rule for forced control of an access right of a nucleus entity in an operating system nucleus, and performing forced access controlling on the entity in the operating system nucleus through the operating system nucleus based on the access control interface and the rule; (2) on the basis of the nucleus access control interface, providing an extra-nuclear entity control interface corresponding to the assigned nucleus access control interface for an extra-nuclear application program outside the operating system nucleus, wherein the access operation of the extra-nuclear application program supported by the extra-nuclear entity control interface is controlled through the nucleus; and (3) acquiring an access control rule by the extra-nuclear application program through the extra-nuclear entity control interface so as to control the forced access of entity in the entity. The access control method disclosed by the invention has the advantages of being unified in protection inside and outside the nucleus of the entire system, safe, reliable, strong in universality and strong in expansibility.
Description
technical field [0001] The invention relates to the field of information security of computer operating systems, in particular to an operating system kernel unified access control method supporting entities inside and outside the kernel. Background technique [0002] Information security is an important part of national security. The operating system as the basis of information security protection has long relied on foreign operating system products, such as Microsoft Windows series, Apple's mac os, Android and other operating system products. It is difficult to protect the information security of our country. The Microsoft black screen incident in 2008 and the Prism Gate incident in 2013 fully demonstrated that the use of foreign operating systems + security patches cannot solve the fundamental problem of security. In order to get rid of the dilemma of relying on foreign operating system products, the domestic independent operating system has improved my country's ability...
Claims
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More Application Information
Patent Timeline
Login to View More Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/74
CPCG06F21/74G06F2221/2113
Inventor 廖湘科魏立峰陈松政罗军黄辰林董攀丁滟付松龄
Owner NAT UNIV OF DEFENSE TECH