Research And Implementation Of Discretionary Access Control Mechanism In Secure Operating System

Posted on: 2005-03-22
Degree: Master
Type: Thesis
Country: China
Candidate: Y N Sun
Full Text: PDF
GTID: 2168360122993314
Subject: Computer software and theory
Abstract/Summary:
Discretionary Access Control (DAC) is one of the necessary and most common security mechanisms in a secure operating system. DAC is a means of restricting access to objects based on the identity of subjects and/or the groups to which they belong. The controls are discretionary in the sense that a user or process given discretionary access to information is capable of passing that information along to another subject. Based on various research results and practical experience, we found that there is much to be done to improve the DAC mechanism in both usability and security.

The thesis first gives an overview of DAC theory and the most commonly used DAC mechanisms. Then ACLs are introduced in a way that remains compatible with the existing simple yet powerful file permission model. The main achievements are as follows. First, supporting the POSIX family of standards, the thesis adds two new ACL entries to the Access Control List for global use, and designs the ACL validity check algorithm and the ACL access check algorithm. Second, in accordance with application security needs, the set of discretionary access permissions is extended to twelve permissions, such as create/delete/getattr/setattr. These additional permissions have been added and are implementation-defined for different objects. The thesis implements the ACL mechanism in the kernel for the r, w and x permissions, and implements the extended permissions in a loadable kernel module whose hooks are inserted into the kernel through the Linux Security Module (LSM) framework. Third, it presents a method for placing ACLs on the abstraction layer of the Extended Attribute (EA) mechanism; the ACLs are passed in the EA system calls. Fourth, it designs the overall access check strategy and the DAC framework. Fifth, to improve system usability, it provides a functional user management interface, including DAC management GUI tools and two shell commands.

The idea put forward by this thesis is intended to open a new approach to building DAC with fine-grained permissions and access control. The effectiveness of the DAC mechanism designed and implemented in this thesis is proved in the SECIMOS secure operating system, which meets the class four criteria of the Chinese National Standard GB17859-1999. This DAC mechanism works well in the SECIMOS system, making it solid ground for future research and development in the DAC direction.
Keywords/Search Tags: DAC (Discretionary Access Control), ACL (Access Control List), EA (Extended Attribute), LSM (Linux Security Module), Linux