| With the popularization of network, information security becomes increasingly significant, especially to some important departments of the state. This paper aims to improve the security protection mechanism of important data servers in security network. According to trait of complete isolation of the security network and computer system from exterior on the physical level, most of the violators, transgressors and abusers are such legal interior users that have various access rights. In consequence, automatic audition and analysis of the behavior of the on-line users, analysis of the log of system audition and system bugs, and active system detection and system event supervision, are undoubtedly effective means to detect and supervise computer violation and aggression. This paper proposes the architecture and prototype of the host computer detection and supervision system. The detection and supervision system of host computer's system protects and controls access of critical server of the potential security-invaded network. To enhance system security and facilitate management, the whole system comprises two parts: the control center and the protected server. The control center is mainly used by administrators who are obliged to configurate the profiles and provides the control table of user rights for each server. The protected server, the main body to provide information service and protection, is the principal part to realize security management. This paper provides a detailed introduction of the design and fulfillment of some pivotal modules like SSH Module, Login Module and UNIX Network Information Module. Based on Capability Technique and the project, this paper proposes Extended Capability Access Control technique with its theory and structure which has achieved desirable effects. |
PDF Full Text Request