Unlock instant, AI-driven research and patent intelligence for your innovation.

Self-learning trusted policy construction method and system based on selinux

A construction method and self-learning technology, applied in the computer field, can solve problems such as the failure of the application program to run normally

Active Publication Date: 2022-05-10
BEIJING UNIV OF TECH
View PDF5 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0009] In view of this, the embodiment of the present invention provides a SELinux-based self-learning trusted policy construction method and its system to solve the current defect that the application program cannot run normally during the process of policy construction for a specific application program

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Self-learning trusted policy construction method and system based on selinux
  • Self-learning trusted policy construction method and system based on selinux
  • Self-learning trusted policy construction method and system based on selinux

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0027] In order to make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the drawings in the embodiments of the present invention. Obviously, the described embodiments It is a part of embodiments of the present invention, but not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative efforts fall within the protection scope of the present invention.

[0028] The trusted policy is a rule-based database for defining subjects to read objects. Each rule records which type of subject uses which method to read which object is allowed or denied, and at the same time defines which behavior is allowed or denied . Wherein, an object refers to all objects that can be read, including files, directories, p...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A self-learning trusted policy construction method and system based on SELinux provided by the embodiments of the present invention, the method includes: obtaining the application program that needs to be added into the policy file; entering the policy learning mode, setting SELinux as a tolerant mode; allowing and executing For all operations of the application, obtain the rejection information recorded in the log file; read the rejection information, convert the rejection information into a policy file; load the policy file into the kernel. In the self-learning trusted policy construction method and system provided by the embodiments of the present invention, for a newly installed application program, by setting SELinux as a tolerant mode, a training process is used to construct a policy file, and the application program operation that needs to be added to the policy file is executed. In the case of not adding a pre-operation policy, the post-operation is still allowed to execute without stopping the learning process, realizing the credible policy required for building applications without affecting the program's operation.

Description

technical field [0001] The invention relates to the field of computer technology, in particular to a SELinux-based self-learning trusted policy construction method and system. Background technique [0002] The default rule of the SELinux security module is that in the enforcement mode, all operations not defined in the policy file will be denied and the rejection information will be written into the log file; in the permissive mode, SELinux will allow all operations of the application and will Operation information not defined in the file is written to the log file. The rejection information in the log file mainly includes: subject and object information, security context, operation of the subject on the object, etc. If certain operation information is defined in the policy file, the operation will not be rejected by SELinux, and the corresponding rejection information will not be recorded in the log file. When the system newly installs an application, any operation of the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/57
CPCG06F21/57
Inventor 张建标万永祺黄浩翔冯星伟陶务升曹雪琛
Owner BEIJING UNIV OF TECH