Operating system nucleus universal access control method supporting entities inside and outside nucleus

Abstract

The invention discloses an operating system nucleus universal access control method supporting entities inside and outside a nucleus. The method comprises the following implementation steps: (1) implementing an access control interface and a rule for forced control of an access right of a nucleus entity in an operating system nucleus, and performing forced access controlling on the entity in the operating system nucleus through the operating system nucleus based on the access control interface and the rule; (2) on the basis of the nucleus access control interface, providing an extra-nuclear entity control interface corresponding to the assigned nucleus access control interface for an extra-nuclear application program outside the operating system nucleus, wherein the access operation of the extra-nuclear application program supported by the extra-nuclear entity control interface is controlled through the nucleus; and (3) acquiring an access control rule by the extra-nuclear application program through the extra-nuclear entity control interface so as to control the forced access of entity in the entity. The access control method disclosed by the invention has the advantages of being unified in protection inside and outside the nucleus of the entire system, safe, reliable, strong in universality and strong in expansibility.

Description

technical field [0001] The invention relates to the field of information security of computer operating systems, in particular to an operating system kernel unified access control method supporting entities inside and outside the kernel. Background technique [0002] Information security is an important part of national security. The operating system as the basis of information security protection has long relied on foreign operating system products, such as Microsoft Windows series, Apple's mac os, Android and other operating system products. It is difficult to protect the information security of our country. The Microsoft black screen incident in 2008 and the Prism Gate incident in 2013 fully demonstrated that the use of foreign operating systems + security patches cannot solve the fundamental problem of security. In order to get rid of the dilemma of relying on foreign operating system products, the domestic independent operating system has improved my country's ability...

AI Technical Summary

Problems solved by technology

The operating system as the basis of information security protection has long relied on foreign operating system products, such as Microsoft Windows series, Apple's mac os, Android and other operating system products. It is difficult to protect the information security of our country

The Microsoft black screen incident in 2008 and the Prism Gate incident in 2013 fully demonstrated that the use of foreign operating systems + security patches cannot solve the fundamental problem of security

However, because the internal security mechanism of the application itself cannot be combined with its operating platform-operating system, its security protection capability is not high and its foundation is not solid.

Images