| Along with the widespread application of computer and network technology, information security has become a key factor of national security. And the security of entire information system is based on that of operating system. The evaluation of the operating system can assure that the security function fulfill their security needs. And as the domestic development of operating system, design and implementation of the automated security evaluation tools has become an urgent request.To achieve the security evaluation automation, first we should study on the evaluation methods of it. To a certain extent, the security evaluation methods are expressed by the security evaluation cirterias, so most of the securiy evaluation cirterias have been introduced. In addition, the architecture of CC and the three documents of it have been analysed, which has been recognized as the most developed criteria for security evaluation. The principle of the CC security evaluation method and process of the evaluation has been summarized.In the study of achieving the automated security evaluation, two domestic typical models of automated security evaluation system have been analysed. The design of an improved security evaluation framework is given by learning from their advantages and integrating of automated software testing methods, while related technical problems and possible solutions are discussed.Undoubtedly security evaluation is a key step for security evaluation, and the automated security test system for an operating system huge system itself. Meanwhile access control is an important component of operating systems. Moreover, the Linux kernel is widely used by most research institutes and development teams. Therefore, security test for Linux access control is focused on in our reseach. An automated security test tool for Linux access control is designed and implemented. It can execute the test cases, judge the running results of the test cases and provide test reports automatically. All test cases should be writtern in special XML and they can be translated into test command flows with mannually written rules. Elementary tests are performed for the toll and the results are satisfactory.Finally, research works in this dissertation are summarized and the future works are discussed. |
PDF Full Text Request