文件名称:Design_of_secure_operating_systems_with_high_security_levels.pdf
文件大小:349KB
文件格式:PDF
更新时间:2012-01-04 10:47:35
operating system security
Numerous Internet security incidents have shown that support from secure oper-ating systems is paramount to fighting threats posed by modern computing envi-ronments. Based on the requirements of the relevant national and international standards and criteria, in combination with our experience in the design and devel-opment of the ANSHENG v4.0 secure operating system with high security level (hereafter simply referred to as ANSHENG OS), this paper addresses the following key issues in the design of secure operating systems with high security levels: se-curity architecture, security policy models, and covert channel analysis. The design principles of security architecture and three basic security models: confidentiality, integrity, and privilege control models are discussed, respectively. Three novel se-curity models and new security architecture are proposed. The prominent features of these proposals, as well as their applications to the ANSHENG OS, are elaborated. Cover channel analysis (CCA) is a well-known hard problem in the design of secure operating systems with high security levels since to date it lacks a sound theoretical basis and systematic analysis approach. In order to resolve the fundamental difficul-ties of CCA, we have set up a sound theoretical basis for completeness of covert channel identification and have proposed a unified framework for covert channel identification and an efficient backward tracking search method. The successful ap-plication of our new proposals to the ANSHENG OS has shown that it can help ease and speedup the entire CCA process.