Research And Design Of LINUX Operating System Security

With the development of computer and network technology,information technology benefits the whole society greatly.However,computer system security meet serious challenges at the same time.The operating system holds the resources of computer system,controlling the operating of the whole system. It provides the users with access. It's also the base of software. Thus, the operating system is the base of the computer system security. It's often said that the operating system is safe, which means it can satisfy a certain given security policy. Security policies refer to the laws, rules and detailed requirements concerning the management, protection or announcing of the sensitive information. Security model is the simple, abstract and unique description of the security requirement expressed by the security policies. It offers a frame to security policies and their agencies. Three items of system security should be taken into consideration, namely, security,completeness and usage.The operating system security is researched and developed in this paper, using Linux operating system as a platform and based on BLP model and BAC model.Developing the Linux-based secure operating system is mainly to enhance the operating system security. This paper discusses the completeness and expanding the of BLP model, enhances the Linux operating system security by finest granularity Discretionary Access Control(DAC).Mandatory Access Control(MAC)and Least Privilege Management.Finest granularity(DAC)means the owner of an object can choose to grant access permission to other users as he likes and to limit users'access levels to different degrees. Mandatory Access Control(MAC)manage information by dividing the information of the system into security level and range. That is, the subjects can only read the less secure objects. They can read and write secure objects, while they can only write the securest objects. Least Privilege Management gives roles to different rooters. A single root user has only the teast privilege which is necessary in completing its task.Thus, it canb avoid different hazards that might be brought about. All the privilegesof the root users, which can reduce the security hazard brought about by a single root user.