The Research And Implementation Of Embedded Secure Operating System Based On Virtualization Technology

With more and more widespread using of embedded systems, the application of scenarios and requirements always change, but the existing system needs to run and maintain continuously, if the system enhancements continue to use the existing framework, it can not meet increasingly complex needs, and the development model must be compatible with the original platform with low productivity. By the introduction of embedded virtualization platform, features of the platform is able to meet the functional stability of the original system and enhance system functionality.Embedded virtualization technology is characterized by parallel execution of multiple execution environments on the same hardware, usually a mix of embedded real-time systems, bare metal code and Linux operating systems. Isolated by partitioning, the execution environment runs between independent systems, one system crash does not cause other system failure. In addition the microkernel as the underlying virtualization kernel, can reduce the complexity of core components, increase the credibility of the system.The dissertation as microkernel-based embedded virtualization platform introduces L4 microkernel and the framework of L4 based system, referred to by formal verification microkernel of seL4, then Fiasco microkernel virtualization platform has been analyzed, covering the security framework Capability of Fiasco kernel and virtualization system environment L4 Android and L4 Linux.Then the thesis introduced a security mechanism of L4 microkernel, explaining the Capability security control mechanism, referring to L4 safety standard L4.sec. Finally, the existing security mechanism has been enhanced, putting forward my own security reinforcement mechanism: distributed security policy monitor and Type Enforcement The framework is a core component of security decision nodes extended from init to all parent node, to achieve the functional decomposition, so that the system does not exist a hot issue, and then type enhances the ability of completing the transformation of property, so that during the secure communication period, resources can be further divided and positioning, so you can specify a more fine-grained access rules.