Study Of Secure Computer Architecture Based On Explicit Authorization Method

With the development of computer and the prevalence of Internet, they are becoming important more and more. The security of information is a serious problem. Every country attaches importance to this problem, and ploughs into much fund into it, but there are still some seious limination in the current theconology: Protection against virus is after the event; there lack of efficient means to prevent information from being stolen; security depends tightly on operating system. Security of information is tightly interrelated with the Architecture. Security of information originates from the Architecture; The design for security aims at the current Architecture; The method of security depends on the Architecture; The Architecture can be changed if necessary.The Architectue of EA is based on the explicit authorizaiton method. In this Architecture, the storage is separate from the host. The storage and devices of EA constitute an absolute storage system. It achieves storage-management by itself, and the granularity of information-tranfres between storage and host is file, any other form will be refused. At the same time, the storage system monitors and controls the file-operation from programs running on the host, if the file-operation can be execute or not lies on the explicit authorization of the current user. In the system based on EA, any file-operaion must be authorized by the user. We have analysed malwares that TrendMicro published from Feb. 9 2004 to Apr. 22 2004, the outcome is that all 151 malwares access storage. It is obvious that the Architecture based on EA is efficient in protecting information from malware in theory.In order to testify the Architecture based on EA, we simulated and test it simply. The testing includes the virus and some tools of information attacting. The explicit authorization method has captured their access to storage successfully.It is indicated both in theory and in partice that, the architecture based on EA is an effiecint method of information protection. This method can protect information from malware; and this method makes security of information not depend on OS any more; the user becomes the true owner of information.