Application program executing permission control method used for operating system

Abstract

The the invention discloses an application program executing permission control method used for an operating system. The method includes the following steps: classifying application programs in the operating system; establishing an executing permission control strategy of the application programs; when the application programs execute requests, checking classifying marks of the application programs, verifying completeness of the application programs if the classifying marks allow all users to execute or are protected and are tampering-proof, executing if verification passes, and refusing to execute if verification fails; if the classifying marks allow or refuse part of users to execute, inquiring the executing permission control strategy on the basis of inherent information of the application programs, executing if the executing permission control strategy returned by inquiring allows the application programs to be executed, and refusing to execute if not; if the classifying marks are empty or refuse all users to execute, refusing toe execute the application programs. The application program executing permission control method has the advantages of high malicious software preventing capability, safety, reliability, high stability, high universality and high expandability.

Description

technical field [0001] The invention relates to the field of computer security, in particular to an application program execution authority control method for an operating system. Background technique [0002] At present, with the continuous deepening of informatization, the damage of computer viruses to information systems is becoming more and more serious. How to ensure the security and credibility of information systems and ensure the integrity of applications from damage is an important manifestation of system security. Most of the existing computer viruses are caused by the intentional or unintentional execution of malicious programs by users. Malicious programs usually pretend to be normal programs or bind and modify normal programs, inducing users to execute tampered programs to achieve the purpose of destruction, causing damage to the security of information systems, leading to security incidents such as information leakage. Therefore, ensuring the integrity of syst...

AI Technical Summary

Problems solved by technology

However, the integrity detection method based on trusted computing needs to be supported by trusted computing chips such as TPM, and the integrity detection based on trusted computing chips for all software will have a great impact on system performance.

At the same time, due to reconfiguration caused by software installation and software upgrades, illegal software that has previously entered the system may be able to run. Therefore, there are certain security risks in software execution control based on trusted computing, which cannot effectively protect system security.

Images