SELinux Policy Integrity Analysis Key Technical Research

Linux system has autonomous control access mechanism,but this access control mechanism is too simple,hackers can trick the system to obtain super administrator rights,in order to ensure the security of Linux system,Linux system kernel to add security enhancement Linux(Security Enhanced Linux,SELinux)security module,SELinux system has a strong enforcement control access mechanism,however,SELinux system policy is complicated,There is no guarantee that policies are written correctly and that there may be security vulnerabilities.In this thesis,the key technology research of SELinux security policy integrity analysis is carried out for domestic operating system.Aiming at the actual security policy requirements in the domestic operating system,this thesis puts forward a special security integrity model(Speical Security Integrity Model,SSIM)based on the traditional Biba integrity model,which uses the access control matrix analysis method to identify the rules and domain transformations in the domestic operating system security policy by modeling the SELinux security policy with finite automatons.Based on SSIM integrity detection algorithm,this thesis solves the problem of integrity analysis security policy violation in domestic operating system.After extracting the security policy in the domestic operating system,the integrity analysis is carried out in linux system,the 65658 alllow allowed rules are processed by python,the 4334 domain conversion relationship is analyzed,among which the user,role and type have the Descartes product relationship and other factors,the domestic operating system security policy is analyzed comprehensively,and the SSIM integrity model detects a total of 3204 violation policy rules,compared to Strict Integrity model obtained 125 rules of the violation policy,adding more than 3079 violations,through the experimental analysis of domestic operating system strategy,proved that the detection rate of this model and method is higher.Combined with the SSIM integrity model and the integrity detection algorithm proposed by the domestic operating system security policy,this thesis is better than the traditional integrity model,which is helpful to ensure the safe implementation of the SELinux system according to the actual security policy rules in the domestic operating system,and is more suitable for the integrity analysis of the rule violation of the domestic operating system security policy.