| Ever since embedded operating system (OS) appears, the related security model design, especially the design and implementation of mobile phone operating system security architecture, received a lot of attention both on researching and engineering. Although the technology goes on advancing, security leaks of embedded OS remains all the time, due to the security awareness absence. There is high possibility that virus break out among mobile phone OS which has more potentials to endanger information security.Based on the consideration, we discussed the attack means of current OS virus, thus conclude the ways to protect systems, such as detect and response, sand box, code signing, and privacy control etc. We got basic aspects from the discussion.We made profound debate on underlying security policy and technology of embedded OS. After introduce eight security tech aspects of embedded OS both on hardware and software, we put a lot of debates on security policy models which are already exist. And we also give out the shortcomings and shortages of them when implement each into the embedded OS separately.On the other hand, characters of every software programming language vary from each other. And operating system which developed based on those languages inevitably inherited these characters, advantages or disadvantages. Due to this, the chose of develop language for the OS became very important. During the research, we found the excellent character of type safe of Java programming language, which well controls the complexity of programs, give us very strong backbone when we work on the improvement of security policy model and its implement of a Java based OS-JX.All above debates lead us to the road of improve the design and implement of security policy model of JX successfully. In the improved model, we inherited the original design, and made it even flexible and suitable for application development. Especially, we improved the security kernel of trusted computing base (TCB), and also the security manager and access controller.We made a great emphasis on multi-permission design and its implement, which is the convergence of several security policy models and be able to expand dynamically. And during the design, we also try best to keep some principles of JX security design - minimize JDK etc.In the end, we give the implement of improved security model use pure Java code, and showed out some of the most essential codes. Also, we put some debate on potential influence against performance of new design. |
PDF Full Text Request