Research And Analysis Of Dynamic Information Flow Monitoring Based On Finite State Automaton

Nowadays, due to our country and society widespread dependence on computer and network technology, information security is more and more valued. Standard security mechanisms such as access control are essential components for protecting the confidentiality and integrity of data. But even in a secure system which has been implemented Mandatory Access Control mechanism, a high-level process can signal information to a low-level process by using covert channel. Information flow control can provide such guarantees.Although at the initial stage, dynamic information flow control solves the static information the problems that flow control technology cannot be conducted according to the corresponding real-time changes in the workload of a huge manual, easy to misjudge the safe channels of information flow and cannot be flexible to face the problems of various systems. However, the existing dynamic information flow control technology cannot control the information flow in the cover channels.On these issues, this article covers: Based on the analysis of dynamic information flow control technology and finite state machine, in order to solve the problem that dynamic information flow control technology cannot control the information flow in the cover channels. According to the dynamic information flow control's needs, improvements are made to make finite state machine a better adaptation. As a tool, this article presents a method to watch the information flow in the cover channel.(1)The method which maintains the advantages of dynamic information flow can watch the information flow in the cover channel and handles properly the unsafe channel based on the system security requirements.(2)Using the method step by step on the SELinux system provide a way to implement the method, this simulation result can the effectiveness of this method to provide a real system environment.(3)Testing the method proposed in the article in the real system. In the system which has cover channels, by using the method to watch the information flow, the experiment result can show the correctness and effectiveness.This article proposed a finite state machine based on dynamic information flow method which can effectively prevent the unsafe information flow and handle properly the cover channel.