| With the development of computer science and network technology, information technology makes people's work and life more and more convenient, and at the same time threatens the security of information. Up to now, many information security technologies have been developed to protect the information from destroying, leaking, or unavailability; secure operating system is the basis of all of them. The thesis designs and implements a secure OS based on Linux that is free and open with the goal of improving the security in access control.The codes of Linux kernel are analyzed firstly. The method of implementation and the way of security is studied. Then security mechanism of Linux is elaborated and some insecure factors in Linux are pointed out.Linux has limitations in access control as follow: firstly, root has too many privileges and has full access to everything; Secondly, the protection of file system isn't strong enough, the important files can be easily changed; Thirdly, the key services can be illegally stopped or deleted because of lacking process protection mechanism; Finally, discrete access control based on protection bits can't provide global secure policy based on individual user.The paper mainly discusses diverse security policies in operating systems. The GFAC framework separates access control between enforcement and decision, implement grain discretionary access control, multi-level security policy based Bell-LaPadule model mandatory access control and Biba model integrity access control, so as to strengthen security and integrate of operation system.
|
PDF Full Text Request