Method for improving operation system safety through incompatiblity of process behavour

A kind of incompatibility and operating system technology, which is applied in the direction of computer security device, multi-program device, platform integrity maintenance, etc., to achieve the effect of improving security

Active Publication Date: 2007-04-11
INSIGMA TECHNOLOGY CO LTD
View PDF0 Cites 5 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In this way, even if there is a spyware that runs and takes the identity of the "super user", but wants to send the files in this directory through the network connection, it will not succeed.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0051] Embodiment 1, the implementation in Linux operating system

[0052] As mentioned above, the original content of the incompatibility description block can come from the security policy database or the ACL of the executable file, and the further supplementary information comes from the ACL of the specific file. However, depending on the specific implementation, it is not impossible for all information to come from the security policy database or ACL. The difference is that the security policy database is centralized, while ACL is distributed. Generally speaking, the rules related to each specific file are organized and stored along with the specific file, which is ACL; and if it is organized and stored centrally, it becomes a security policy database. For the method for improving the security of the operating system through the incompatibility of process behavior described in the present invention, this is only the difference in the specific implementation, the two have ...

Embodiment 2

[0238] Embodiment 2, the implementation in Windows operating system

[0239] The method of the present invention is also applicable to Windows, and the above-mentioned Linux embodiment can be referred to in implementation.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

This invention relates to a method for improving the OS security through the incompatibility of process acts, and the major steps is as followed: 1.1) defining a group of key acts which is possible to have the incompatibility such as mutually exclusion, 1.2) each process has the rules of incompatibility in a certain way of recording, 1.3) each process records the occurred key acts according to a certain form, 1.4) the key acts must be checked for taboo before occurrence, and judgment is make according to the rules of incompatibility and the occurred key acts. If there is incompatibility in the occurred key acts, such as the mutually-exclusive acts have been occurred , the key acts is regard as the taboo behavior and not permitted its occurrence. The beneficial effect of the invention is that: incompatibility of process acts is introduced into the computer operating system, and according to the process, the occurred acts control the follow-up to improve the security of computer system.

Description

technical field [0001] The invention relates to a method for improving the safety of a computer operating system, and mainly relates to a method for improving the safety of the operating system through the incompatibility of process behavior. Background technique [0002] The security of the operating system is mainly reflected in the security of the file system. In order to ensure that specific files and directories are not subject to inappropriate access, such as malicious or accidental reading, writing, modification, creation, and execution, a mechanism called "Access Control List (ACL)" has been developed in the field of operating systems. With technology, each file or directory (or other resources) is equipped with an "access control list", which lists in detail what kind of access rights (read / write / execute and others) are allowed for which people or groups, or not What kind of access is allowed; no access is allowed if it is not on the list, or only read is allowed. ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/00G06F9/46G06F21/52
Inventor 毛德操
Owner INSIGMA TECHNOLOGY CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap