| As Internet widely used in contemporary social life, people paid more and more money and attention to the security problem of computer system. OS was the bridge between hardware and upper layer software of which security is a very important component element of the whole information security system. The research of OS was not very developed in China, especially in the studying of security OS. Doing such works will contribute to both the developing of technology and the economic benefit of software.Aiming at the design of the security OS, the paper focused on the practicing the classic theory of security, mainly discussed the design of access control mechanism. Also the discourse of the definition, characteristics and evaluation criteria of security OS was a concernful part of the essay. More attention was paid to the evaluation criteria such as TCSEC (US), CC (ISO) and GB17859-1999 (China).The mechanism of access control was the most widespread, profound and complex part of the system of security operating system. Studying this part would give rise to a deeper understanding of variety of idea, theory and modal of security OS. So the treatise proceeded a study of this mechanism based on the classic BLP modal, aiming to design and develop such a system on simple OS. This paper gave most space to the study of strategies and modals of security including strategy of access grant, strategy of access control, BLP modal, Biba Modal, Chinese Wall modal and so on. After examining and investigating the security mechanism of popular OS such as UNIX and Windows, paper summarized some principle and method of developing security operating system and tried some preliminary designing work on access control mechanism. |
PDF Full Text Request