| Currently, embedded systems are widely used and their security issues are more and more concerned. As a core component in embedded system, operating system security is the fundament of all the applications based on it and the whole system. Secure operating system places its focus on controlling user's access to prevent illegal operations, marking the user and authentication to guarantee the security and integrality. Access control technology plays an important role to enforce operating system security. Now, research on access control in embedded real time operating system (ERTOS) is just at the prime stage.This dissertation will study access control technology, along with its application in current embedded real time operating systems, such as Linux and Windows CE. Their shortcomings in security are pointed out. A multi policy access control model applied to ERTOS is brought forward, which integrates several access control policies. This model can assign and manage the security labels of subject and object efficiently, implement mandatory access control between them. In this paper, there are some innovations as follows:1. Research on the standard of secure operating system, presents B1 level embedded subset for the security evaluation of embedded real time operating system.2. The design principle of access control technology in ERTOS is analysed.3. Presents a multi policies access control model supporting MLS,RBAC and DTE, and describes it formally.4. Research on GFAC and FLASK, presents an access control model frame suitable for ERTOS, this frame has open architecture and is easy to extend.5. Deeply studies Windows CE codes, realizes MPACM in Windows CE to enhance its security.According to the above researches, MPACM is implemented based on Windows CE and the test results indicate both the function and performance meet the requirements of ERTOS. This work could be regarded as a good reference for the future research on embedded secure operating system. |
PDF Full Text Request