Unlock instant, AI-driven research and patent intelligence for your innovation.

TEE-based mandatory access control security enhancement framework performance evaluation method and system

A mandatory access control and security technology, used in computer security devices, hardware monitoring, instruments, etc.

Active Publication Date: 2021-07-30
NAT UNIV OF DEFENSE TECH
View PDF10 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, the current performance evaluation is mainly carried out after the system is implemented. Although it can provide feedback and guidance for the system framework design, the cost of system implementation cannot be avoided.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • TEE-based mandatory access control security enhancement framework performance evaluation method and system
  • TEE-based mandatory access control security enhancement framework performance evaluation method and system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0024] Such as figure 1 As shown, the TEE-based mandatory access control security enhancement framework performance evaluation method in this embodiment includes:

[0025] 1) For the test item i specified on the target performance test software, obtain the running time R of the test item i in the ordinary world REE i And the total number of HOOK function calls n in the HOOK function set S implemented for the evaluated mandatory access control security enhancement framework i ;

[0026] 2) According to T i =t×n i +R i Calculate the cost T of the test item ii , where t is the single world switching cost of triggering the HOOK function in the normal world REE to switch to the secure world TEE for security policy decision and then returning to the normal world REE.

[0027] The basic principle of the performance evaluation method of the mandatory access control security enhancement framework based on TEE in this embodiment is as follows: what the security policy of the mandat...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a TEE-based mandatory access control security enhancement framework performance evaluation method and system, and the method comprises the steps: 1) carrying out the testing of a test single item i specified on target performance testing software, the running time Ri of a test single item i and the total HOOK function calling frequency ni in a HOOK function set S achieved for the assessed mandatory access control security enhancement framework are obtained in a common world REE; and 2) calculating according to Ti = t * ni + Ri to obtain the overhead Ti of the test single item i, wherein t is the single world switching overhead of triggering the HOOK function to switch to the safety world TEE to carry out the safety strategy decision under the ordinary world REE and then returning to the ordinary world REE. According to the method, the performance evaluation of simulation evaluation can be realized on the premise that the TEE-based mandatory access control security enhancement framework is not specifically realized, and the expandability and the universality are good.

Description

technical field [0001] The invention relates to the field of information security of computer operating systems, in particular to a performance evaluation method and system of a TEE-based mandatory access control security enhancement framework. Background technique [0002] With the development of cloud computing, the Linux operating system running on the terminal server manages far more sensitive data than before, so stronger security is required. In the traditional method, mandatory access control can manage the authority between the subject and the object in a unified way to control the system authority, which is an important aspect of protecting the kernel security. LSM is the specific implementation of mandatory access control in Linux, which is divided into two parts: implementation and decision-making. The implementation part inserts the HOOK function at key kernel codes such as system calls, and after obtaining the decision result, implements the behavior of allowin...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/60G06F11/34G06F11/36
CPCG06F21/604G06F11/3419G06F11/3688
Inventor 丁滟李志鹏谭郁松董攀黄辰林李宝王晓川蹇松雷宋连涛王鹏
Owner NAT UNIV OF DEFENSE TECH