Security protection method for operation system command

A security protection and operating system technology, applied in the field of security protection of operating system commands. It can solve problems such as illegal data theft and major security risks, improving security and preventing theft or tampering.

Inactive Publication Date: 2017-04-19
DATANG GAOHONG XINAN ZHEJIANG INFORMATION TECH CO LTD

AI Technical Summary

Problems solved by technology

[0003] The operation commands of existing operating systems have the following security problems: super users can set the permissions of group users and other users, so that group users and other users can execute commands that they do not have permission to execute, which brings security risks to the system; once a malicious user installs a malicious program, the illegal commands it issues during execution will damage the system or illegally steal data, causing serious security problems; the operating system key is generally stored in a file or hard-coded in the program, which poses a greater security risk.

Examples


Embodiment Construction

[0023] The present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments.

[0024] As shown in Figures 1-3, the security protection method for operating system commands disclosed by the present invention includes:

[0025] A command whitelist file is configured in user space. The command whitelist file includes a number of allowed operation commands. The command whitelist file is encrypted using a symmetric encryption algorithm (such as the AES encryption algorithm), the generated ciphertext command whitelist file is stored in the storage space, and the key of the symmetric encryption algorithm is stored in the trusted security chip (TPM: Trusted Platform Module);

[0026] Take out the key from the trusted security chip, decrypt the ciphertext command whitelist file based on the symmetric encryption algorithm, generate the plaintext command whitelist file, and transmit all the operation commands in the command whitelis...


Abstract

The invention provides a security protection method for operating system commands. A command whitelist file containing all operation commands allowed to be executed is configured and encrypted, and the encryption key is stored in a trusted security chip, so that the command whitelist file is effectively protected against theft or tampering. All the operation commands in the command whitelist file are stored in kernel space in the form of a command linked list structure. When the command-execution processing function runs in kernel space, whether an operation command may be executed is decided by checking whether the to-be-executed operation command is in the command whitelist. By managing the operation commands of the operating system through a configured command whitelist file, the method prevents a superuser from using superuser rights to execute arbitrary operation commands and prevents a malicious program from executing illegal operation commands, which improves the security of operating system commands and enhances system security.
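The check described in the abstract can be modelled in user space. The following is an added example, not code from the patent: every name in it is hypothetical, the whitelist is assumed to have already been decrypted with the TPM-held key, and matching on the full absolute path is an assumption, since the page does not say how commands are compared.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum { CMD_ALLOW = 0, CMD_DENY = -1 };          /* hypothetical verdicts */
struct cmd_node { char *path; struct cmd_node *next; };

/* Build the command linked list from the plaintext whitelist, one
 * absolute path per line. Blank and relative entries are skipped so a
 * malformed line can never widen the policy. */
struct cmd_node *whitelist_load(const char *text)
{
    struct cmd_node *head = NULL;
    while (*text) {
        size_t len = strcspn(text, "\r\n");      /* length of this line */
        const char *next = text + len + (text[len] != '\0');
        while (len && (text[len - 1] == ' ' || text[len - 1] == '\t'))
            len--;                               /* trim trailing blanks */
        if (len && text[0] == '/') {
            struct cmd_node *n = malloc(sizeof *n);
            char *p = malloc(len + 1);
            if (!n || !p) { free(n); free(p); break; }
            memcpy(p, text, len);
            p[len] = '\0';
            n->path = p; n->next = head; head = n;
        }
        text = next;
    }
    return head;
}

/* Runs where the exec handler would: the caller's uid is deliberately
 * not consulted, so the superuser gets no bypass. Default is deny. */
int whitelist_check(const struct cmd_node *head, const char *path)
{
    if (!path) return CMD_DENY;
    for (; head; head = head->next)
        if (strcmp(head->path, path) == 0)
            return CMD_ALLOW;
    return CMD_DENY;                             /* also for an empty list */
}

/* Constructed sample of a decrypted whitelist file. */
static const char SAMPLE_WHITELIST[] = "/bin/ls\n/usr/bin/id  \n\nrm\n/bin/cat\n";

int main(void)
{
    struct cmd_node *wl = whitelist_load(SAMPLE_WHITELIST);
    printf("/bin/ls -> %d, /tmp/ls -> %d\n",
           whitelist_check(wl, "/bin/ls"), whitelist_check(wl, "/tmp/ls"));
    return 0;
}
```

Because the comparison is on the path string alone, a real deployment would also need to bind each entry to the file's contents or inode; the page does not describe that step.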

Description

Technical field

[0001] The invention relates to a security protection method for operating system commands, which belongs to the technical field of information security.

Background technique

[0002] The operation commands of the operating system are composed of a series of executable programs. Each command is used to complete a specific function. Depending on user rights, the executable operation commands also differ. For example, in the UNIX system, file operation commands include read, write, execute, etc.; the super user (root user) can execute all operation commands, the user who owns the file (owner user) can execute all file operation commands on the file, the group user (group user) can execute read and execute commands on the file, and other users (other user) cannot perform any operation commands on files.

[0003] The operation commands of the existing operating system have the following security problems: super users can set the permissions of group use...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/54, G06F21/60, G06F21/62
CPC: G06F21/54, G06F21/602, G06F21/6209, G06F2221/2107
Inventor: 郑驰, 梁思谦
Owner: DATANG GAOHONG XINAN ZHEJIANG INFORMATION TECH CO LTD