The Research And Implementation On Access Control Mechanism Of Secure Linux

Posted on: 2004-10-30
Degree: Master
Type: Thesis
Country: China
Candidate: L M Wang
GTID: 2168360092992219
Subject: Computer application technology

Abstract/Summary:
With the development of computer science and network technology, information technology makes people's work and life more and more convenient, and at the same time threatens the security of information. Many information security technologies have been developed to protect information from destruction, leakage or unavailability, and the secure operating system is the basis of all of them. This thesis designs and implements a secure OS based on Linux, which is free and open, with the goal of improving security in access control.

The thesis first points out the limitations of current Linux in access control and the methods to overcome them, then concentrates on the system architecture design, the key technologies, and the design and implementation of the functional modules. Finally, the system configuration process is explained, the system is summarized, and the future development of secure operating systems is discussed.

Linux has the following limitations in access control. First, root has too many privileges and has full access to everything. Second, the protection of the file system is not strong enough, so important files can easily be changed. Third, key services can be illegally stopped or deleted because a process protection mechanism is lacking. Finally, discretionary access control based on protection bits cannot provide a global security policy based on individual users.

To overcome these limitations and improve Linux security, the system adds a new access control layer above the original access control mechanism in current Linux. The additional layer intercepts access requests in the kernel by changing the security-related system calls, then judges each request according to the access control policy established by the security administrator. As a result, enhanced access control is enforced, users (especially root) are controlled, and the protection of system resources such as files and processes is improved.

Not only the system functions but also the system architecture, which is designed based on GFAC, is considered. GFAC separates access control into enforcement and decision, which communicate through a defined interface, so access control models can be flexibly added or changed without modifying the enforcement component. GFAC makes the system easily extensible and portable because only the enforcement component is tied to the OS.

The entire system is composed of four modules. First, the file system access control enhancement module implements ACLs in the kernel to improve file security, limit root's privileges and enable central administration of permissions, by designing new data structures at the VFS layer to store security information and by changing the file-system-related system calls. Second, the process protection module uses and extends the Linux capability mechanism to prevent processes from being killed illegally, and reduces the risk of attack by hiding key processes. Third, the self-protection module uses kernel sealing and system locking to assure the security of the system itself. Last, the tools module provides a configuration tool for the security administrator to add, delete or update access control policy, and also provides administration tools to manage the system.

The system is implemented as an LKM based on the LSM framework. The LKM simplifies the implementation, standardizes the interface and makes the system easy to maintain and port. The LSM implements the system's functions and connects them smoothly with the original Linux system, and also ensures the system's security, high performance and user interface consistency.
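
As an added illustration (not code from the thesis), the user-space C model below shows the enforcement/decision split the abstract attributes to GFAC: policy modules sit behind one interface, and a single enforcement function consults them before the original permission check. All names, the sample ACL, and the rule that the added layer can only veto a request are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>
/* User-space model of the GFAC split. Every name and the policy are constructed. */
enum { P_READ = 1, P_WRITE = 2 };
enum decision { DENY, GRANT, NOT_COVERED };
struct request { unsigned uid; const char *path; int want; };

/* Decision side: any policy module that fits this interface can be plugged in. */
typedef enum decision (*adf_fn)(const struct request *);

struct acl_entry { const char *path; unsigned uid; int allowed; };
static const struct acl_entry acl[] = {      /* constructed sample policy */
    { "/etc/passwd", 0,    P_READ },          /* root may read, not modify */
    { "/etc/passwd", 1000, P_READ },
};

static enum decision acl_adf(const struct request *r)
{
    int covered = 0;
    for (size_t i = 0; i < sizeof acl / sizeof acl[0]; i++) {
        if (strcmp(acl[i].path, r->path) != 0) continue;
        covered = 1;                          /* object is under ACL control */
        if (acl[i].uid == r->uid)
            return (acl[i].allowed & r->want) == r->want ? GRANT : DENY;
    }
    return covered ? DENY : NOT_COVERED;      /* protected object, no entry */
}

/* A second, simpler policy module: refuse every write. */
static enum decision readonly_adf(const struct request *r)
{
    return (r->want & P_WRITE) ? DENY : NOT_COVERED;
}

/* Enforcement side: the only OS-facing code; it never interprets policy.
 * dac_ok stands in for the result of the original permission-bit check. */
static int aef_check(adf_fn adf, const struct request *r, int dac_ok)
{
    if (adf(r) == DENY)
        return 0;                             /* added layer vetoes, root included */
    return dac_ok;                            /* original mechanism still applies */
}

int main(void)
{
    struct request w = { 0, "/etc/passwd", P_WRITE };
    struct request t = { 0, "/tmp/x", P_WRITE };
    printf("acl: %d %d\n", aef_check(acl_adf, &w, 1), aef_check(acl_adf, &t, 1));
    printf("readonly: %d\n", aef_check(readonly_adf, &t, 1));
    return 0;
}
```

Swapping `acl_adf` for `readonly_adf` changes the outcome for the same request without touching `aef_check`, which is the portability argument the abstract makes for keeping only the enforcement component OS-specific.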

Keywords/Search Tags: Linux, Secure Operating System, Access Control, ACL