Research And Expansion Of The Embedded Operating System Security Mechanisms To Achieve

With the advent of pervasive computing era, more and more embedded devices can access to Internet. The computing resource can be shared beyond the limit of time and space. Information security becomes more and more important. As a core facility of embedded systems, an operating system is the security base of the applications and other security systems. The operating system is also the last defence line of system information security. If it is weak in security, the application system based on it and the security of the whole embedded systems will not be guaranteed. Therefore, it is necessary for us to constructe the embedded operating system with high relibility and high security.The security mechanism and implementation method of operating systems are firstly researched in detail. Based on a typical embedded security operation system, mechanisms of information security in operating system level are deeply researched on, and some security functions are enlargely implemented. To sum up, there are several innovative researches in this paper as follows:1. This paper researches on the standard of security operating system. With the features of the embedded system such as resource limit, security safeguard functions of embedded operating sysmtem are defined in terms of B1 level.2. The importance of network security is introduced. By analysing traditional measurements taken on network security, we find out that the last network security gate should be established on operating system level. A MAC mechanism on socket layer is implemented in the paper.3. The tradional measuments on file protection are introduced. Comparing with feathure of embedded filesystem, the paper presents a new file security mechanism. Based on the descriptor of the file, file resources are protected in the API level of an operating system.4. The tradional audit mechanism are introduced. Comparing with feathure of embedded filesystem, the paper presents a multiple-level security audit system. Flexible method of the audit storing enhances the dependability of audit information.