Mandatory access control method, device and apparatus and readable storage medium

A mandatory access control technology and storage medium, applied in the field of information security, that addresses the problems of losses from hidden information-security risks, poor information security, and weak resistance to attacks.

Inactive Publication Date: 2019-07-09
INSPUR SUZHOU INTELLIGENT TECH CO LTD
4 Cites, 11 Cited by
AI Technical Summary

Problems solved by technology

As a Unix system, AIX has many advantages, but it also shares the disadvantages of general systems; for example, AIX uses discretionary access control (rendered in this translation as "autonomous access control").
Because data access rights under discretionary access control are controlled by the user and cannot be controlled by the system, resistance to attacks such as Trojan horses is weak, which in turn leads to poor information security.
For the banking system, hidden information-security risks may cause immeasurable losses and impact.


Examples

Embodiment 1

[0051] To implement mandatory access control in the AIX system, a driver module may be installed in the AIX system; the driver module may specifically be a module that executes the steps of mandatory access control. The AIX system provides a way to dynamically load kernel drivers, similar to the LKM (loadable kernel module) mechanism of Linux, and the driver module can be added to the kernel in this way. Adding it only requires complying with the development specification provided by AIX, so the process of adding and setting up the driver module is not described further here. Once the driver module is set up in the AIX system, mandatory access control can be realized on the computer on which the AIX system is installed.

[0052] Please refer to Figure 1, which is a flowchart of a mandatory access control method in an embodiment of the present invention. The method includes the following steps:

[0053] S101. Intercept system calls in the ...

Embodiment 2

[0087] Corresponding to the above method embodiment, the embodiment of the present invention also provides a mandatory access control device; the mandatory access control device described below and the mandatory access control method described above may be read with reference to each other.

[0088] As shown in Figure 2, the device includes the following modules:

[0089] A system call interception module 101, used to intercept a system call in the AIX system and obtain the information parameters output by user space;

[0090] The access subject and object acquisition module 102 is used to analyze the information parameters and obtain the access subject and object corresponding to the system call;

[0091] Mandatory access judging module 103, used to judge whether the access subject and object match the preset access control policy;

[0092] A system call execution module 104, configured to pass information parameters into the kernel space when the access subject and object matc...

Embodiment 3

[0103] Corresponding to the above method embodiment, the embodiment of the present invention also provides mandatory access control equipment; the mandatory access control equipment described below and the mandatory access control method described above may be read with reference to each other.

[0104] As shown in Figure 3, the mandatory access control equipment includes:

[0105] memory D1 for storing computer programs;

[0106] The processor D2 is configured to implement the steps of the mandatory access control method in the above method embodiment when executing the computer program.

[0107] Specifically, please refer to Figure 4, which is a schematic structural diagram of a mandatory access control device provided in this embodiment. The mandatory access control device may differ considerably depending on configuration or performance, and may include one or more central processing units (CPU) 322 (e.g., one or more processors) and memory 332, and o...

Abstract

The invention discloses a mandatory access control method, which comprises the following steps: intercepting a system call in an AIX system and obtaining the information parameters output by user space; analyzing the information parameters to obtain the access subject and object corresponding to the system call; judging whether the access subject and object match a preset access control policy; if so, passing the information parameters into kernel space so that the system call is executed in kernel space; and if not, forbidding execution of the system call in kernel space. By applying the method, mandatory access control can be realized in the AIX system, attacks such as Trojan horses can be prevented, the security of the AIX system can be improved, and information security is ensured. The invention also discloses a mandatory access control device, mandatory access control apparatus and a readable storage medium, which have corresponding technical effects.
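The decision flow in the abstract, modelled in user space as an added example; it is not code from the patent or from AIX. The parameter layout, the choice of the calling executable's path as the subject, the prefix-matching rule format and the sample policy are all assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of the "information parameters" a hooked call receives
 * from user space. Field names are assumptions, not taken from the patent. */
struct call_params {
    const char *op;    /* intercepted system call, e.g. "open" */
    unsigned    uid;   /* caller's user id (deliberately not used by the check) */
    const char *proc;  /* subject: executable path of the calling process */
    const char *path;  /* object: file the call targets */
};
struct rule { const char *subject, *object_prefix, *op; };

/* Constructed preset policy: anything not listed is denied. */
static const struct rule policy[] = {
    { "/usr/bin/bankd",  "/data/ledger/", "open"  },
    { "/usr/bin/bankd",  "/data/ledger/", "write" },
    { "/usr/bin/backup", "/data/ledger/", "open"  },
};

/* Returns 1 if subject/object/op match a rule, 0 otherwise (default deny). */
static int mac_check(const struct call_params *p)
{
    if (!p || !p->op || !p->proc || !p->path) return 0;
    if (strstr(p->path, "..")) return 0;  /* unresolved ".." could escape the prefix */
    for (size_t i = 0; i < sizeof policy / sizeof policy[0]; i++) {
        const struct rule *r = &policy[i];
        if (strcmp(r->subject, p->proc) == 0 && strcmp(r->op, p->op) == 0 &&
            strncmp(p->path, r->object_prefix, strlen(r->object_prefix)) == 0)
            return 1;
    }
    return 0;
}

/* Stand-in for the real kernel-space handler; only reached when allowed. */
static int real_syscall(const struct call_params *p) { (void)p; return 0; }

/* The hook: forward matching calls to kernel space, refuse everything else. */
int hooked_call(const char *op, unsigned uid, const char *proc, const char *path)
{
    struct call_params p = { op, uid, proc, path };
    return mac_check(&p) ? real_syscall(&p) : -EACCES;
}

int main(void)
{
    printf("%d %d\n", hooked_call("open", 1001, "/usr/bin/bankd", "/data/ledger/a.db"),
                      hooked_call("open", 1001, "/tmp/trojan", "/data/ledger/a.db"));
    return 0;
}
```

Both calls in `main` carry the same uid, so a user-controlled permission check would treat them alike; the policy check refuses the second because the subject is not listed.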

Description

Technical field

[0001] The present invention relates to the technical field of information security, in particular to a mandatory access control method, device, equipment and readable storage medium.

Background technique

[0002] AIX (Advanced Interactive eXecutive) is a UNIX-like operating system developed based on AT&T Unix System V, which can run on the minicomputer hardware systems designed around IBM's proprietary Power series chips. It complies with the Open Group's UNIX 98 industry standard (The Open Group UNIX 98 Base Brand), and provides comprehensive scalability for 32-bit and 64-bit applications by fully integrating parallel operation support for these applications. It runs on all IBM p-series and IBM RS/6000 workstations, servers, and massively parallel supercomputers.

[0003] At present, the AIX system has occupied more than half of the small computer market, especially in the banking system, where the use of the AIX system has been deeply rooted. As a Unix system, the A...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): G06F21/60, G06F21/45
CPC: G06F21/45, G06F21/604
Inventor: 崔士伟, 吕琦
Owner: INSPUR SUZHOU INTELLIGENT TECH CO LTD