| Operation System is always on the central and base position of computer security system ever since it arose. Most of the security solutions rely on the security of operation system itself. As one of most important mechanisms in OS, Access Control security is regard as a heat point in the field of information security research.This paper studied the problem of Windows System Access Control deeply, designed an Enhancement Model of Windows Access Control Based on PBAC (Process-Based Authortiy Control), and used the model in the field of Trojan Defence. The main work of the paper is as follows:1. Analysed and induced the security problem of Windows System Access Control Mechanism, include cause, influence and compromise.2. On studied the character of the process authority produce.Designed an Enhancement Model of Windows Access Control Based on Process-Object, POBAC for short. The Model could restrain process authority abuse and authority escalation. Studied the method of POBAC Model blended into the System Access Control Model fully used the advantage of System Access Control Model to make the process run in the Principle of Least Authority.3. Studied the character of the Trojan behavior, and used the POBAC model in the field of Trojan Defence. Unkown Trojan-attacking can be control in the model effectively.4. Designed the host Trojan defence prototype system using the POBAC Model, implemented some of important moduls, and tested the effect of the prototype system. |
PDF Full Text Request