
Research On Key Technologies For Structuration Of High-level Secure Operating System

Posted on: 2012-02-26
Degree: Doctor
Type: Dissertation
Country: China
Candidate: Y Sun
GTID: 1118330362964553
Subject: Computer application technology
Abstract/Summary:
System security is normally divided into two aspects: security function and security assurance. Security function means the implementation of security policies and security mechanisms that meet the functional requirements; security assurance provides the means by which the correct operation of those security functions is guaranteed. In recent years both have become a focus of domestic and international researchers, and a series of research results has been produced. By comparison, the results on security function are more plentiful: information flow models, access control mechanisms and security architectures have been studied intensively and extensively. In the field of security assurance, software engineering methods are mainly adopted, covering software design, development, testing, operation and risk assessment, and in-depth research on security at the level of operating system architecture is rare. In particular, for current operating systems no effective solution has been proposed for the structuration problem that the simplified hardware structure causes. Operating system structuration is an effective way to solve the security assurance problem, and it is also an essential feature of high-security-level operating systems (TCSEC B2 and above). Therefore, in-depth research on the key technologies of operating system structuration, and on constructing the security assurance architecture that a high-level system requires, has important theoretical and practical significance for further promoting the construction of a level-protection system for the important information systems of our country.

In this thesis, operating system structuration comprises program structuration, data structuration and connection structuration. Substantial support for the security assurance of current systems can be provided when the three are integrated into an organic whole at the operating system level. Therefore, the thesis analyzes and expresses the structuration characteristics of a system from these three aspects and studies the security assurance requirements of the TCSEC structured protection level. By introducing the concept of a trusted pipeline, we propose SOSA (Structuration Operating System Architecture), which integrates three key technologies: process structuration, virtual isolation and information flow control. Based on the non-interference model, the security of the system is analyzed and proved. Finally, a related prototype is implemented on the Linux platform.

The major achievements of this thesis are as follows.

Firstly, we describe the concept of a structuration system and construct SOSA. Combining related research on trusted computing, we describe the trusted characteristics of SOSA, and some key features of the structured protection level are reflected in SOSA accordingly.

Secondly, we propose a process-based operating system structuration model. Based on the non-interference model, we give a formal description and structuration rules for the process environment that address the program structuration problem of the system, together with the corresponding proof.

Thirdly, we study the importance of the virtual isolation mechanism for structuration security in SOSA. SVIEM (Structuration Virtual Isolation Environment Model) is defined on the basis of the process environment, virtual isolation rules are given for SOSA, and a virtual isolation mechanism is proposed based on process environment isolation and the TCB. Theoretical analysis shows that the SVIEM realization model can meet the confidentiality requirements of the BLP model and the integrity requirements of the Biba model.

Fourthly, we study the formalization of the trusted pipeline, establish SIFCM (Structuration Information Flow Control Model), and propose a flow control method based on the trusted pipeline in SOSA. At the same time, combining the reference monitor hypothesis with the non-interference model, the structured SOSA system is matched against the requirements of a high-level security system, and the security of the model is proved by structural assurance rules. Finally, a covert channel analysis of the system is conducted, which shows that some storage covert channels can be removed by the trusted pipeline.

Fifthly, the related key technologies of SOSA are implemented on the Linux platform, including program structuration, data structuration and connection structuration.

In summary, according to the security requirements of high-level operating systems (TCSEC B2 and above), this thesis studies a series of key technologies and methods for a structuration operating system. Correct implementation of the security functions is ensured from the three aspects of program structuration, data structuration and connection structuration. The research results provide a foundation for the further design and development of high-security-level operating systems.
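The abstract states that the virtual isolation model satisfies BLP and Biba, and that system security is argued from a non-interference model with a trusted pipeline as the only sanctioned cross-environment channel. The following Python block is an added illustration of those ideas and is not code from the thesis: it implements a toy reference monitor over labelled, mutually isolated process environments, enforces the BLP confidentiality rules and the Biba integrity rules, and then runs a transitive-closure check in the spirit of a non-interference argument (no chain of individually permitted flows may reach a lower confidentiality level or a higher integrity level). The two linear lattices, the environment names and labels, and the `trusted` flag that exempts a subject from the BLP *-property are all assumptions made for this example; the thesis's own SVIEM and SIFCM rules are not given in the abstract.

```python
# Added example, not from the thesis. A toy reference monitor over isolated
# process environments with BLP (confidentiality) and Biba (integrity) labels,
# plus a closure check that no chain of permitted flows leaks downward.
from collections import deque
from dataclasses import dataclass
from itertools import product

# Assumed linear orders, low -> high. The thesis's lattices are not given here.
CONF = {"public": 0, "internal": 1, "secret": 2}
INTEG = {"untrusted": 0, "user": 1, "system": 2}


@dataclass(frozen=True)
class Env:
    """An isolated process environment acting as subject or object."""
    name: str
    conf: str              # confidentiality level (BLP)
    integ: str             # integrity level (Biba)
    trusted: bool = False  # assumed TCB flag: exempt from the BLP *-property


def blp_allows(subject: Env, obj: Env, op: str) -> bool:
    """BLP: simple-security (no read up) and *-property (no write down).
    A trusted subject, as in BLP's trusted subjects, is exempt from no-write-down."""
    s, o = CONF[subject.conf], CONF[obj.conf]
    if op == "read":
        return s >= o
    return subject.trusted or s <= o


def biba_allows(subject: Env, obj: Env, op: str) -> bool:
    """Biba strict integrity: no read down, no write up."""
    s, o = INTEG[subject.integ], INTEG[obj.integ]
    return s <= o if op == "read" else s >= o


def monitor(subject: Env, obj: Env, op: str) -> bool:
    """Reference monitor decision: both policies must permit the access."""
    if op not in ("read", "write"):
        raise ValueError(f"unknown operation {op!r}")
    return blp_allows(subject, obj, op) and biba_allows(subject, obj, op)


def permitted_flows(envs):
    """Direct information flows (src, dst) the monitor permits between
    distinct environments. A read moves data object -> subject, a write
    moves data subject -> object."""
    flows = set()
    for s, o in product(envs, repeat=2):
        if s is o:
            continue
        if monitor(s, o, "read"):
            flows.add((o.name, s.name))
        if monitor(s, o, "write"):
            flows.add((s.name, o.name))
    return flows


def reachable(flows, src: str):
    """Environments (other than src) reachable over any chain of flows."""
    seen, queue = set(), deque([src])
    while queue:
        cur = queue.popleft()
        for a, b in flows:
            if a == cur and b != src and b not in seen:
                seen.add(b)
                queue.append(b)
    return seen


def violations(envs):
    """(src, dst) pairs where a chain of permitted flows reaches an environment
    of lower confidentiality or higher integrity than src. This is the kind of
    path a non-interference proof over the monitor must rule out."""
    by_name = {e.name: e for e in envs}
    flows = permitted_flows(envs)
    bad = []
    for e in envs:
        for dst in sorted(reachable(flows, e.name)):
            d = by_name[dst]
            if CONF[d.conf] < CONF[e.conf] or INTEG[d.integ] > INTEG[e.integ]:
                bad.append((e.name, dst))
    return bad


# Constructed sample environments (assumed for this example, not from the thesis).
SAMPLE_ENVS = [
    Env("boot_config", "public", "system"),   # readable by all, writable by few
    Env("audit_log", "secret", "untrusted"),  # writable by all, readable by few
    Env("user_app", "internal", "user"),
    Env("secret_db", "secret", "system"),
]
# An over-privileged "trusted pipeline": exempt from no-write-down.
PIPELINE = Env("pipeline", "secret", "system", trusted=True)

if __name__ == "__main__":
    print("violations without trusted subject:", violations(SAMPLE_ENVS))
    print("violations with trusted pipeline:  ", violations(SAMPLE_ENVS + [PIPELINE]))
```

With only ordinary subjects, every permitted flow is monotone (confidentiality never decreases, integrity never increases), so the closure check finds nothing, which is the core of a non-interference style argument for a lattice policy. Adding a subject that is exempt from the *-property makes the closure report secret data reaching the public and internal environments through the pipeline. The point for the design the abstract describes is that a trusted pipeline is exactly such a privileged path, so it must be confined to the TCB, given explicit flow rules (what SIFCM is for) and covered by the covert channel analysis, rather than being a generic bypass.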
Keywords/Search Tags: Structuration protection level, Process, Virtual isolation, Trusted pipeline