
Research On Some Key Technologies Of Structured Protection Level Secure Operating System Development

Posted on: 2003-12-13
Degree: Doctor
Type: Dissertation
Country: China
Candidate: W Q Liu
Full Text: PDF
GTID: 1118360095456145
Subject: Computer application technology
Abstract/Summary:
With the practical development of a secure operating system in accordance with the requirements of the fourth level, i.e. the Structured Protection Level, of GB 17859, some key technologies of high-level secure operating systems are studied in this thesis, both theoretically and practically. As a result, six principal achievements have been obtained. First, integrating GB 17859 and GB/T 18336 for the first time, a Structured Protection Level Protection Profile (SPLPP) is presented systematically in accordance with the Structured Protection Level of GB 17859; it lays the groundwork for the future development and evaluation of the system, and can be registered with the authorities for inspection, evaluation and verification of security products. Second, corresponding to the SPLPP and following the requirements of GB/T 18336, a Security Target (ST) design for a secure operating system conformant to the security functions of the Structured Protection Level of GB 17859 is constructed and presented in detail. This security target is a summary specification of the system and the basis for the top-level functional specification. Third, based on thorough research into multilevel security models, integrity models and Role-Based Access Control (RBAC) models, a modified BLP model (MBLP) is designed and applied in an independently developed secure operating system. A well-integrated model combining the BLP model, the Clark-Wilson model, the DTE model and RBAC models is then proposed, leading to a Dynamic Authorization Access Control Model (DAACM) that supports diverse security policies, including confidentiality, integrity and authorization. DAACM conforms to the requirements of Structured Protection Level secure operating system design and will be used in the practical system design. Fourth, using a restricted-syntax language, the method and process of semi-formal specification of the top-level functions are studied. This top-level specification paves the way for system verification and covert channel analysis. Fifth, drawing on the Flask Security Architecture, a new approach to system design, we construct a security architecture that meets the requirements of the Structured Protection Level and show its advantages in separating security policy decision from security policy enforcement and in system modularization. Sixth, we introduce some helpful investigations of key technologies of high-level secure operating system design, such as covert channel analysis and trusted path, and describe their coarse-grained implementation in the real system. To sum up, this thesis discusses many helpful technologies and gathers experience in implementing a Structured Protection Level Secure Operating System; its principal achievements establish a firm foundation for the research and design of high-level secure operating systems.
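The abstract names two ideas that are easier to see in code than in prose: the Bell-LaPadula (BLP) confidentiality rules on a security lattice, and the Flask-style separation of the policy decision from its enforcement. The following is an added illustration written for this page; it is not the MBLP or DAACM model from the dissertation nor code from the system it describes. The class names (`PolicyServer`, `ObjectManager`, `Level`), the label values and the sample objects are all constructed for the example.

```python
"""Added example: a minimal BLP reference check with a Flask-like split
between the policy decision point and the policy enforcement point.
Hypothetical names throughout; not the dissertation's MBLP/DAACM model."""
from dataclasses import dataclass
from enum import IntEnum
from typing import FrozenSet, Optional


class Classification(IntEnum):
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass(frozen=True)
class Level:
    """A security label: hierarchical classification plus a category set."""
    classification: Classification
    categories: FrozenSet[str] = frozenset()

    def dominates(self, other: "Level") -> bool:
        # Lattice order: classification is >= and categories are a superset.
        return (self.classification >= other.classification
                and self.categories >= other.categories)


class PolicyServer:
    """Policy decision point: returns allow/deny and never touches objects."""

    def decide(self, subject: Level, obj: Level, op: str) -> bool:
        if op == "read":
            # Simple security property: no read up.
            return subject.dominates(obj)
        if op == "write":
            # *-property: no write down (object label must dominate subject).
            return obj.dominates(subject)
        return False  # any unknown operation is denied (fail closed)


class ObjectManager:
    """Policy enforcement point: owns objects, asks the policy server."""

    def __init__(self, policy: PolicyServer):
        self.policy = policy
        self.objects = {}   # name -> (label, contents)
        self.audit = []     # (name, op, allowed) decision log

    def create(self, name: str, level: Level, contents: str = "") -> None:
        self.objects[name] = (level, contents)

    def access(self, subject: Level, name: str, op: str,
               data: Optional[str] = None) -> Optional[str]:
        obj_level, contents = self.objects[name]
        allowed = self.policy.decide(subject, obj_level, op)
        self.audit.append((name, op, allowed))   # every decision is recorded
        if not allowed:
            raise PermissionError(f"{op} on {name} denied")
        if op == "write":
            self.objects[name] = (obj_level, contents + (data or ""))
            return None
        return contents


def demo() -> dict:
    """Walk through the classic BLP cases on constructed sample objects."""
    secret_crypto = Level(Classification.SECRET, frozenset({"CRYPTO"}))
    secret = Level(Classification.SECRET)
    unclass = Level(Classification.UNCLASSIFIED)
    om = ObjectManager(PolicyServer())
    om.create("keys.txt", secret_crypto, "k1")   # constructed sample object
    om.create("bulletin", unclass, "hello")      # constructed sample object
    results = {}
    results["read_down"] = om.access(secret, "bulletin", "read")
    try:                       # SECRET lacks the CRYPTO category: read up
        om.access(secret, "keys.txt", "read")
        results["read_up"] = "allowed"
    except PermissionError:
        results["read_up"] = "denied"
    try:                       # SECRET subject writing an UNCLASSIFIED object
        om.access(secret, "bulletin", "write", "leak")
        results["write_down"] = "allowed"
    except PermissionError:
        results["write_down"] = "denied"
    om.access(unclass, "keys.txt", "write", "!")   # write up is permitted
    results["write_up"] = om.objects["keys.txt"][1]
    results["decisions"] = len(om.audit)
    return results


if __name__ == "__main__":
    print(demo())
```

The enforcement point keeps a record of every decision, allowed or denied, which is what an evaluator looks for when checking a reference monitor. Note that pure BLP permits the final "write up" with no read-back; real systems usually narrow the *-property to write-equal, and integrity models such as Clark-Wilson (mentioned in the abstract) exist precisely because confidentiality rules alone say nothing about who may modify what.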
Keywords/Search Tags:Secure Operating System, Structured Protection Level, Protection Profile, Security Target, Security Model