
Design And Implementation Of Trusted Recovery In Secure Operating System

Posted on: 2008-08-16
Degree: Master
Type: Thesis
Country: China
Candidate: L X Liu
Full Text: PDF
GTID: 2178360212485050
Subject: Computer system architecture

Abstract/Summary:
The security of the operating system plays a vital role in the overall security of a computer system; without a secure operating system, the security of the computer system has no foundation. But an accidental system failure may destroy the consistency of the operating system and its security protection. A trusted operating system therefore requires the TCB (Trusted Computing Base) of the computer information system to provide processes and mechanisms which guarantee that the system can recover from failure and interruption without harming any of its security protection. This is called trusted recovery.

This thesis borrows from the mechanisms used in the design of database transactions to provide atomicity for TCB operations, ensuring the atomicity of secure state transitions. A trusted recovery system based on atomic operations is proposed and implemented. All secure operations are treated as transactions, and a series of tools is included, so that a secure state can be recovered when the computer information system fails or is interrupted.

The trusted recovery system provides user-level primitives for creating transactions. New transaction declaration system calls are established to provide interfaces through which TCB operations create and commit transactions. By wrapping its code segment as a transaction, a TCB operation has its atomicity guaranteed by the trusted recovery system in the kernel.

The trusted recovery system consists of a transaction monitor, a journal system, a journal file, and some utilities. Transaction operation is achieved through the journal. The journal system captures all updating operations of the TCB primitives and logs each update in the journal file until the transaction is successfully completed; the logged updates are then replayed to their actual positions on the disk. The trusted recovery system provides a variety of recovery functions through its recovery mechanism and tools such as checkpointing and system archiving. The current consistent state can be reconstructed from the journal file and the system archive after a TCB failure, system failure, or media failure.
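The journal-then-replay flow the abstract describes, as an added example written for this page (it is not the thesis's own code and does not model its system calls, transaction monitor, checkpoints or system archive): an in-memory disk, a redo journal with a checksum on every record, a two-file TCB update that is journaled, committed and then replayed to its real locations, and a boot-time recovery pass exercised with a crash injected at each step. The disk model, the file paths, their contents and the crash-injection hooks are constructed for the demonstration.

```python
# Added example, not the thesis's code: redo-journal atomicity for a multi-file
# TCB update. Disk model, paths and sample data below are constructed.
import hashlib
import json

COMMIT = "COMMIT"


class Disk:
    """Stand-in for stable storage: path -> bytes, plus a journal area."""
    def __init__(self):
        self.files = {}
        self.journal = []  # serialized records, each "json|sha256"


class CrashError(Exception):
    """Raised to simulate a system failure at a chosen step."""


def _record(obj):
    body = json.dumps(obj)
    return body + "|" + hashlib.sha256(body.encode()).hexdigest()


def _apply(disk, updates, crash_cb=None):
    """Write updates to their real locations; crash_cb can stop the loop
    after the first write to model a partially applied transaction."""
    for i, (path, data) in enumerate(updates.items()):
        disk.files[path] = data
        if crash_cb and i == 0:
            crash_cb("applied_one")


class Transaction:
    """Wraps one TCB operation: buffer writes, journal them, commit, apply."""
    def __init__(self, disk, crash_after=None):
        self.disk = disk
        self.updates = {}
        self.crash_after = crash_after

    def write(self, path, data):
        self.updates[path] = data

    def _maybe_crash(self, step):
        if self.crash_after == step:
            raise CrashError(step)

    def commit(self):
        # 1. redo records describe each pending write (journal only, not disk)
        for path, data in self.updates.items():
            self.disk.journal.append(
                _record({"op": "write", "path": path, "data": data.decode()}))
        self._maybe_crash("journaled")
        # 2. commit record: from here on the transaction must run to completion
        self.disk.journal.append(_record({"op": COMMIT}))
        self._maybe_crash("committed")
        # 3. replay to the actual positions, then release the journal
        _apply(self.disk, self.updates, self._maybe_crash)
        self._maybe_crash("applied")
        self.disk.journal.clear()


def recover(disk):
    """Boot-time recovery: verify checksums, replay if a valid commit record
    closes the transaction, otherwise discard. Replay is idempotent, so a
    transaction partly applied before the crash is completed safely."""
    if not disk.journal:
        return "clean"
    updates, committed = {}, False
    for entry in disk.journal:
        body, _, digest = entry.rpartition("|")
        if hashlib.sha256(body.encode()).hexdigest() != digest:
            break  # torn or corrupt record: nothing after it can be trusted
        rec = json.loads(body)
        if rec["op"] == COMMIT:
            committed = True
            break
        updates[rec["path"]] = rec["data"].encode()
    if committed:
        _apply(disk, updates)
    disk.journal.clear()
    return "replayed" if committed else "discarded"


def run_scenario(crash_after=None, torn_commit=False):
    """One two-file TCB update with a crash at the given step, then recovery.
    torn_commit truncates the commit record to model a partial sector write.
    Returns (recovery result, file contents after recovery)."""
    disk = Disk()
    disk.files = {"/etc/passwd": b"old-passwd", "/etc/shadow": b"old-shadow"}
    tx = Transaction(disk, crash_after)
    tx.write("/etc/passwd", b"new-passwd")
    tx.write("/etc/shadow", b"new-shadow")
    try:
        tx.commit()
    except CrashError:
        pass
    if torn_commit and disk.journal:
        disk.journal[-1] = disk.journal[-1][:-3]
    return recover(disk), dict(disk.files)


if __name__ == "__main__":
    for step in (None, "journaled", "committed", "applied_one", "applied"):
        print(step, run_scenario(step))
    print("torn commit", run_scenario("committed", torn_commit=True))
```

Running the module prints the outcome for each crash point: a failure before the commit record leaves both original files untouched and the journal is discarded, while a failure after it is completed by replay, including the case where only one of the two files had been written. A truncated commit record fails its checksum and is treated as no commit at all, which is what makes the commit record the single point at which the whole multi-file update becomes atomic.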
Keywords/Search Tags: Trusted recovery, operating system, trusted system, failure recovery, transaction