Research On The Technology Of Dynamic Management Of Multi-level Security Domain Based On Embedded System Of MILS

As it is widely used in power grid,aviation,medical treatment,home application and other fields,the security of embedded system is increasingly prominent.Multi-Independent Levels of Security(MILS)was developed to ensure the severe security of embedded system.By layering the operating system and partitioning the memory,MILS achieves space,time and fault isolation,and kernel verifiability.This paper designs and implements the dynamic management mechanism of multi-level security domain for collaborative embedded platforms.In particular,the security domain management is designed and the function reconstruction is achieved to solve the problem that an application is disordered.And aiming at information isolation and communication,the multi-strategy fusion access control model is designed and implemented,and our work is listed as follows:(1)Design the dynamic management of multi-level security domain.The paper designs multi-level security domain oriented to applications of different security levels on collaborative embedded systems and dynamically manage security domain to realize application migration and functional reconstruction.(2)Formulate multi-strategy fusion access control model based on RBAC and BLP.To ensure communication between applications on collaborative embedded platforms,applications of different security levels are assigned different roles and operation permissions to achieve the goal that information isolation and secure communication between different applications.(3)Design and implement the experimental prototype.The paper tests components of dynamic management of multi-level security domain and multi-strategy fusion access control to verify whether its function and real-time performance fulfill requirement of collaborative embedded system.Experimental results indicate that the components proposed in the paper achieve correct migration of abnormal application and access control between different applications,and also fulfill real-time performance of guard for embedded platform.In conclusion,it can solve the problem of lacking of platform functions.