45 results for OSI Security, Mandatory Access Control, Security Education, Operating System Security, Web Services Security
in Chinese Academy of Sciences Institutional Repositories Grid Portal
Abstract:
IEEE; IEEE Computer Society; IEEE Technical Committee on Scalable Computing (TCSC)
Abstract:
Huazhong Univ Sci & Technol, Natl Tech Univ Ukraine, Huazhong Normal Univ, Harbin Inst Technol, IEEE Ukraine Sect, I&M/CI Joint Chapter
Abstract:
Mandatory access control (MAC) effectively prevents users from compromising system security, whether intentionally or unintentionally, and effectively prevents viruses and Trojans from compromising system security while acting under a user's identity; it is the primary protective measure of operating systems with high security requirements. Industry research on operating-system MAC started very early. However, in the face of rapidly changing application scenarios and the rapid development of computer systems and of the technologies underlying operating systems themselves, existing research on operating-system MAC is insufficient to reconcile security, usability and flexibility. These shortcomings are concentrated in three points: 1) the MAC mechanisms in wide use today are, by design, hard to make satisfy the security and usability requirements of practical systems at the same time; 2) MAC design lacks consideration of the distributed, networked environment in which operating systems operate; 3) assurance techniques for the development of operating-system MAC need further research. To address these problems, this thesis starts from the design and assurance of MAC, studies the key technologies of operating-system MAC, and obtains results in the following areas. First: lattice-policy MAC models have simple mechanisms and easily verifiable security, and are widely applied in secure operating systems and security-enhanced operating systems; however, strictly enforcing a lattice policy brings usability problems. For confidentiality and integrity lattice MAC models, this thesis gives, respectively, a monitorable-object framework and a Clark-Wilson trusted-subject privilege-state transition monitoring framework. These frameworks have fine descriptive granularity, good extensibility and simplicity; we give mathematical descriptions of them and a theoretical proof for the integrity lattice model equipped with the Clark-Wilson trusted-subject privilege-state transition monitoring framework. Second: for distributed application environments, a distributed operating-system MAC scheme based on trusted computing technology and Domain and Type Enforcement (DTE) policy is proposed. We prove the security of the policy theoretically. Compared with similar work at home and abroad, the scheme has fine access-control granularity and is the best in simplicity of system verification and flexibility of deployment. Third: the security of medium- and high-assurance secure operating systems that enforce MAC needs to be guaranteed with the rigor of formal methods. Following the requirements of TCSEC level B2, this thesis uses the Z/EVES formal tool to provide formal assurance for the SECIMOS secure operating system: a formal specification of the security model is given, security invariants and security theorems are stated, the security theorems are proved, and the consistency between the formal security model and the top-level design is described. Fourth: an operating-system MAC framework is the basis on which MAC mechanisms are implemented in an operating system. This thesis proposes an automatic test-case generation scheme for operating-system MAC frameworks. Using compiler-assisted insertion of audit code, constraint-solver-assisted generation of scrambled parameters, and test-case reduction, the scheme generated an effective regression test suite for the FreeBSD MAC framework. It also provides a solid implementation basis for the NFSARK series of secure operating systems built on the FreeBSD MAC framework. The results of this thesis take a solid step toward the goal of fully solving the problems currently encountered in the design, implementation and assurance of domestic operating-system MAC.
Abstract:
Information stored in XML documents needs to be protected by access-control policies. Existing XML-oriented access-control models are based on discretionary access control or on role-based access control. High-security-level systems require mandatory access control to guarantee the security of the information they hold. This paper first extends the XML document model to include label information and gives the rules that the extended document model must satisfy. Then, by discussing four operations on XML documents, it describes in detail a fine-grained mandatory access control model for XML documents. The model is based on XML Schema technology, and its control granularity reaches individual elements or attributes of a document. Finally, the model's architecture and some implementation mechanisms are discussed.
Abstract:
Current research on verifying the correctness of operating-system mandatory access control frameworks focuses mainly on verifying the placement of authorization hooks. Taking the TrustedBSD MAC framework as its basis, this paper studies the problem of verifying the correctness of MAC frameworks and, building on authorization-hook placement verification, proposes verification of the complete initialization and the complete destruction of security labels. To implement these verifications, the paper proposes a path-sensitive static analysis method based on user-defined checking rules. The method extends mygcc, a static analysis tool integrated into the compiler, to verify the accuracy and completeness of hook placement in the MAC framework. It provides complete path coverage with a low false-positive rate and low time overhead.
Abstract:
Commercial applications require the protection of integrity policies. The Biba model provides a concise multilevel integrity control scheme, but it needs trusted subjects to keep enforcement usable, whereas the Clark-Wilson model provides complete integrity protection through monitorable state transitions, but its complexity hinders a full implementation. The proposed model takes the Biba strict integrity policy as its basis while enforcing the Biba low-watermark policy according to the state a trusted subject occupies in its lifecycle. The state transitions a trusted subject undergoes during its lifecycle, and the corresponding adjustments of low-watermark parameters, are monitored with the Clark-Wilson model. This effectively solves the usability problem of the Biba policy and the configuration and runtime burden that the excessive monitoring volume of the Clark-Wilson model imposes on a system, while inheriting the advantages of both. The policy-fusion scheme is proved to be feasible and secure.
Abstract:
To solve the problems LSM has with policy reuse and policy coexistence, a new security architecture, ELSM, is proposed. It introduces a model composer as the main module to perform module stack management and module decision management; module decisions are enforced with an access-control-space policy specification method that supports generality. The design of ELSM and a case analysis of its use in the Ansheng OS (安胜OS) secure operating system show its effectiveness.
Abstract:
In this paper, through extensive study and design, a technical plan for establishing the exploration database center was made that combines imported and self-developed techniques. Through research and repeated experiment, a modern database center has been set up whose hardware and network have advanced performance, whose system is well configured, whose data storage and management are complete, and whose data support is fast and direct. Through study of the theory, methods and models of decision making, an exploration decision assistant schema was designed, with one decision plan, the well location decision support system, evaluated and put into action.

1. Study on the establishment of the Shengli exploration database center. Research was made on the hardware configuration of the database center, including its workstations and all connected hardware and systems. The hardware of the database center is formed by connecting workstations, microcomputer workstations, disk arrays, and the equipment used for seismic processing and interpretation. Research on data storage and management includes analysis of the contents to be managed, data flow, data standards, data QC, the data backup and restore policy, and optimization of the database system. A reasonable data management regulation and workflow was made, and a scientific exploration data management system was created. Data loading was done by first working out a schedule; in the end, more than 200 seismic survey projects amounting to 25 TB were loaded.

2. Exploration work support system and its application. Seismic data processing system support has the following features: automatic extraction of seismic attributes, GIS navigation, data ordering, extraction of data cubes of any size, a pseudo-huge-capacity disk array, a standard output exchange format, etc. Prestack data can be accessed by the processing system, or data can be transferred to other processing systems through the standard exchange format. For supporting the seismic interpretation system, features such as automatic scanning and storage of interpretation results and internal data quality control exist. The interpretation system is connected directly to the database center to get real-time support with seismic data, formation data and well data. Comprehensive geological study support is provided through the intranet, with the ability to query or display data graphically on the navigation system under geological constraints. The production management support system is mainly used to collect, analyze and display production data, with its core technology being controlled data collection and the creation of multiple standard forms.

3. Exploration decision support system design. By classifying the workflow and data flow of all exploration stages and studying decision theory and methods, the target of each decision step, and the decision models and requirements, three concept models have been formed for the Shengli exploration decision support system: the exploration distribution support system, the well location support system and the production management support system. The well location decision support system has passed evaluation and been put into action.

4. Technical advances. Hardware and software are matched for high performance in the database center. By combining a parallel computer system, database server, huge-capacity ATL, disk array, network and firewall, the first exploration database center in China was created, with a reasonable configuration, high performance and the ability to manage the whole exploration data set. A technology for managing huge volumes of exploration data was formed, in which exploration data standards and management regulations guarantee data quality, safety and security. A multifunction query and support system provides comprehensive exploration information support; it includes support systems for geological study, seismic processing and interpretation, and production management. Many new database and computer technologies have been used in the system to provide real-time information support for exploration work. Finally, there is the design of the Shengli exploration decision support system.

5. Application and benefit. Data storage has reached 25 TB, with thousands of users in the Shengli oil field accessing data and improving work efficiency several times over. The technology has also been applied by many other units of SINOPEC. Its application in providing data to the project "Exploration Achievements and Evaluation of Favorable Targets in Hekou Area" shortened the data preparation period from 30 days to 2 days, enriched data abundance by 15 percent, and gave excellent information support from the database center. Its application in providing previously processed results to the project "Pre-stack Depth Migration in Guxi Fracture Zone" reduced the amount of repeated processing, shortened the work period by one month, improved processing precision and quality, and saved 30 million yuan of capital investment in data processing. Its application in automatically providing a project database for the project "Geological and Seismic Study of the Southern Slope Zone of Dongying Sag" shortened data preparation time so that researchers have more time for research, thus improving interpretation precision and quality.
Abstract:
Based on the idea of real-time forensics, this paper proposes the concept of a security forensics operating system (SeFOS) and an approach to implementing it. It presents the overall architecture, builds a forensic behavior model for the system, analyzes its forensic services and forensic mechanisms and gives a formal description of them, explains the methods for collecting and securely protecting evidence data, proposes placing the forensic mechanism in the kernel and acquiring evidence from processes, system calls, kernel resource allocation and network data, and verifies the forensic capability of SeFOS through simulation experiments. Research on forensic-capable operating systems is of great significance for further research on forensic database management systems (FDBMS) and forensic network systems (FNetWork).
Abstract:
A least-privilege mechanism can provide an appropriate level of security assurance for a secure operating system. This paper describes a least-privilege security policy architecture that supports dynamic adjustment. It combines the separation-of-duty property of roles with the functional isolation property of domains and, through a capability control mechanism based on process context (role, execution domain and running image), keeps every process confined at all times within the least-privilege range permitted by those contexts. The paper analyzes, as a case study, the implementation of this architecture in Ansheng OS (安胜OS) v4.0, an independently developed secure operating system conforming to the fourth level (structured protection) of GB17859-1999. The results show that it supports dynamically adjustable least-privilege control in a secure operating system and provides a flexible and effective system.
Abstract:
Most secure operating systems that support the POSIX capability mechanism have proposed their own capability inheritance algorithms, but these algorithms apply only to specific least-privilege control policies and suffer from semantic conflicts and unclear security objectives, so they cannot effectively support multiple privilege policies with differing security requirements. Through in-depth analysis of several existing algorithms, this paper proposes a new capability inheritance algorithm that introduces policy-associated capability control variables and trusted-application attributes. Case analysis shows that the algorithm is policy-adaptive and usable, and formal analysis and verification show that it enables the system to satisfy the basic security theorem of privilege policies.
Abstract:
LSM is the general access-control framework of the Linux system. In Ansheng Secure OS (安胜安全操作系统) V4.0, we extended this access-control framework appropriately and designed and implemented a security audit system on top of it. Compared with the audit system of Ansheng Secure OS V2.0, the performance of this security audit system is greatly improved. In addition, covert channels can bypass the system's security policy to carry out illegal data-flow transmission; we perform real-time detection and alerting of them in the audit system.
Abstract:
A secure operating system may fail or be interrupted for internal or external reasons, leading to damage to its security. This paper first describes a general security model, then extends it to describe security damage in secure operating systems, proposes a method for analyzing and computing security damage from security audit logs according to the security policy, and finally gives a corresponding trusted-recovery algorithm for security damage. Beyond passive security defense, this research actively guarantees the security of secure operating systems and enhances their reliability and recoverability.
Abstract:
Building on previous work and on the special testing requirements of secure operating systems, this paper proposes the concept of a degenerate test set (DTS) and designs an efficient test-set generation method based on security state transitions that uses model checking. The method takes state transitions as the object of reduction: while generating test cases with model checking, it merges identical state transitions and reduces redundant properties in the requirement set, thereby reducing the test set as a whole. On this basis, it discusses the validity of the test-case set when a single test case fails and improves the DTS generation algorithm accordingly. Experimental results show that the method effectively reduces redundancy in test sets.