| Information Security is a focal issue, which gains more and more attention these years. Now Information Security concentrates on application layer or transport layer. But in reality , mainstream Linux operating systems has many flaws on security.For example ,access control is too simple. Capability of root is no limit and there is lack of system audit. Operating system is the only basic software anear the hardware.Its security is the base of other software.If there is no the security base, the security of application system is not ensured. Thus,researching the technique to enhance the operating system security is critical to resolve the problem of information security.In this paper we discuss how to build a security Linux operating system. At first, we introduce some basic knowledge of the Linux kernel and the network system.Then we describe the principles of capability security mechanism,and explain how to build a capability based on Linux system. In chapter 4 we discuss in detail the configure of Linux system at three aspects:system security,network security and console security.Then we give a systemic description of the BLP Security Model.At last ,based on the BLP model, we introduce the Linux loadable kernel module,and how to use LKMs to implement the enhanced security Linux operating system. |
PDF Full Text Request