Doctoral dissertation, Institute of Software, Chinese Academy of Sciences: Research and Implementation of a Secure Operating System Supporting Multiple Security Policies

This thesis studies security policy and its enforcement in secure operating systems (SOS), in conjunction with an experiment in implementing a practical secure operating system that takes into account a variety of information threats and security requirements. Six principal achievements have been obtained. First, the security policies suited to an SOS are determined, and the related security models and security mechanisms are classified, discussed and analyzed systematically for the first time. A comprehensive perspective on the evolution of security policies and models is presented, which lays the groundwork for an overall understanding of the state of the art in security policies and models. Second, the refinement of security policy is studied and the essential properties of multiple security policies are presented, which provides helpful guidance for the later development of security policy. Third, based on the Linux system, the security goals, services and mechanisms of the operating system kernel are analyzed systematically for the first time, a map of security services and mechanisms is proposed, and the remaining problems of the Linux kernel are presented together with corresponding suggestions for improvement. Fourth, by introducing the concepts of metapolicy and decision cache into the operating system kernel, a security architecture for SOS, named SOSSA, is constructed, which can support multiple security policies and improve enforcement performance in an SOS kernel. An SOS based on the mainstream Linux system, named RFSOS, has been produced successfully according to SOSSA. The system has passed the third-level certification against the China Classified Criteria for Security Protection of Computer Information Systems. Fifth, a common framework for multilevel sensitivity labels (MLSLCF) is proposed, which overcomes the limitation of previous SOS that a subject can only access objects at the same level during a session.
Based on MLSLCF, multilevel confidentiality and integrity access control are implemented simultaneously in RFSOS. Last but not least, the specification of security policy is studied and a specification language for security policy (SPSL) is presented. With SPSL, multiple security policies, such as the discretionary access control policy, the multilevel access control policy, the Chinese wall policy and the type enforcement policy, can be specified. In a word, the principal achievements of this thesis are helpful to the development of novel security policies and models, and to the construction of secure operating system platforms for the computer security of real-world applications.
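To make the fourth and fifth achievements concrete, here is an added illustration (not RFSOS or SOSSA code, and not the thesis's own definitions) of a kernel decision path in which several policy modules are combined by a conjunctive metapolicy and their verdicts are memoised in a decision cache. The subject and object labels, the level scale and the policy rules are assumptions constructed for the example; the multilevel rules follow the usual Bell-LaPadula confidentiality and Biba integrity conditions.

```python
# Constructed model of a SOSSA-style decision path (illustration, not RFSOS code)
from dataclasses import dataclass

@dataclass(frozen=True)
class Subject:
    uid: int
    conf: int   # current confidentiality level of the session (made-up scale)
    integ: int  # current integrity level of the session

@dataclass(frozen=True)
class Obj:
    owner: int
    other_read: bool  # DAC bit: may non-owners read?
    conf: int
    integ: int

def dac(s, o, op):  # discretionary: owner may read/write, others only read if allowed
    return s.uid == o.owner or (op == "read" and o.other_read)

def mls_conf(s, o, op):  # multilevel confidentiality (BLP): no read up, no write down
    return o.conf <= s.conf if op == "read" else s.conf <= o.conf

def mls_integ(s, o, op):  # multilevel integrity (Biba): no read down, no write up
    return s.integ <= o.integ if op == "read" else o.integ <= s.integ

POLICIES = (dac, mls_conf, mls_integ)

def metapolicy(verdicts):  # conjunctive metapolicy: every loaded policy must grant
    return all(verdicts)

class DecisionCache:
    """Memoises (subject, object, op) verdicts so the policy modules run once."""
    def __init__(self):
        self.table, self.hits, self.misses = {}, 0, 0

    def decide(self, s, o, op):
        key = (s, o, op)
        if key in self.table:
            self.hits += 1
            return self.table[key]
        self.misses += 1
        self.table[key] = verdict = metapolicy(p(s, o, op) for p in POLICIES)
        return verdict

    def invalidate(self):  # must be called whenever a policy or a label changes
        self.table.clear()
```

The cache is only sound if it is flushed on every label or policy change; a stale entry would otherwise outlive the decision that produced it.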