The VTOS Gateway Design, Implement And State Research

Posted on: 2013-11-08
Degree: Master
Type: Thesis
Country: China
Candidate: Y Y Xu
GTID: 2268330431461887
Subject: Computer technology

Abstract/Summary:
With the rapid development of information technology, computer security attacks have become numerous. Users' demands for operating system security keep increasing, and network security protection has become even more urgent. VTOS, the system developed by our project team, is a microkernel-based operating system based on Minix 3.1.1. The design goal of VTOS is to build a trusted, verified, reliable and practical operating system with good performance. This paper describes the design and development of the VTOS firewall technology. The main contributions and innovations are as follows:

1) We studied firewall technology for maintaining the integrity of network connections and protocols, and how to improve its performance in a microkernel architecture. To increase the practicality and security of VTOS, this paper designs and implements a VTOS gateway, based on a careful analysis of firewall technology in other operating systems and taking into account the VTOS microkernel architecture and the particular characteristics of its network service. The gateway combines IP-layer packet filtering with application-layer proxy firewall technology to maintain the connection status of hosts between the internal network and the external network, which ensures the integrity and security of the protected hosts' data. To reduce the cost of VTOS process switching, gateway control is designed as part of the network service, extending into the network layer and application layer of the network protocol. This design achieves gateway connection control without copying any network packets.

2) We studied the secure kernel's non-bypassable security control mechanism for the network and propose a new method for describing the gateway state. Using the microkernel message control mechanism and the interaction protocols between the gateway and the secure kernel, VTOS achieves non-bypassable control over network connections. This paper adopts an object-oriented method in design and development: it treats the gateway as an object and describes the gateway's functional behavior, data values and messages in detail to form its "state". Following the principle that "a message is the only way to drive an object's computation, and computation is the only way to trigger an object's state transition", this paper establishes the correspondence among the gateway's control behavior, the object's state transitions and the message sequences.

3) We propose a consistency verification method for the secure kernel's state control over the gateway. This paper extends the functions of the secure server, which uses the message sequences maintained by the security server to control the consistency of the gateway's state. Gateway consistency control is divided into two phases: the start-up phase and the serving phase. For each phase, this paper analyzes the gateway state transitions triggered by message sequences and by operation sequences respectively. Given the special nature of the gateway server, the security server uses different granularities and staged controls to detect anomalies and roll back the gateway's state. The security server's consistency control keeps the gateway service state controllable, intact, and auditable, thereby protecting the correctness of the gateway service functions.
Keywords/Search Tags: gateway, secure server, message monitor, state consistency control, microkernel