
The Research And Implementation Of Linux Environment Application Dynamic Trusted Verification

Posted on: 2021-12-21
Degree: Master
Type: Thesis
Country: China
Candidate: X W Feng
GTID: 2518306470466314
Subject: Computer technology
Abstract/Summary:
With the rapid development of computer technology, information security problems have become increasingly serious. Because Linux is open source, important information systems mainly use it as their operating system platform, and applications on Linux serve as important business systems for storing, transmitting, and processing information. These applications are constantly attacked by malicious programs such as worms, viruses, and Trojan horses. Such attacks cause information systems to lose control, user information to be lost, and huge economic losses. The "Network Security Law of the People's Republic of China", issued in June 2017, stipulates a network security level protection system. In addition, the basic requirements for the new network security level protection, implemented in December 2019, make clear that the applications of high-security-level systems require dynamic trusted verification. Trusted computing has an active defense function, which can fundamentally guarantee the network security of high-security business systems. Therefore, dynamic trusted verification of applications that satisfies the level protection system and its basic requirements is an urgent research topic.

Existing application dynamic trusted verification schemes have the following defects: at application startup, the measurement of dependent files is not comprehensive; during dynamic linking, the link environment is not measured; while the application is running, the measurement of the application's own behavior is inaccurate, the operating environment is not measured, and access to data resource files is not measured. To address these problems, a dynamic trusted verification framework for Linux environment applications is proposed. The main research contents include:

(1) Study the data integrity of the files that the application startup process depends on. When an application starts, it depends on executable files, the dynamic linker, shared library files, configuration files, and environment variables. The data integrity of all of these must be verified to ensure that the program being linked and run comes from a trusted source.

(2) Study the behavioral integrity of the executable file, the link environment, and the running environment. While the application runs, the dynamic linker acts as the link environment and the shared library files act as the running environment. The executable file accesses the running environment through the link environment, then accesses the system call interface through the running environment, and finally accesses computer resources through the system call interface. Therefore, in user space, the behavioral integrity of the executable file, the link environment, and the running environment must be ensured so that system resources are accessed correctly.

(3) Study the data integrity of the data resource files accessed while the application runs. A running application accesses various file types on Linux. Data resource files serve as input to the application and have an important impact on its trustworthiness. Therefore, the data integrity of these files must be verified to ensure that the input source is trusted.

(4) Research and implement a dynamic trusted verification prototype system (DTVPS). First, study the subject, object, operation, and environment related to the application; second, study the definition and extraction of the application's expected behavior, real-time monitoring of its actual behavior, the dynamic trusted verification mechanism, and so on; finally, implement the functions of the DTVPS prototype system and perform performance testing and analysis.
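The startup measurement described in item (1), as an added example that is not taken from the thesis: it hashes each dependent file and the linker-related environment variables, then compares the result with a recorded baseline. The file roles, the constructed sample contents, and the choice of `LD_PRELOAD` and `LD_LIBRARY_PATH` as the measured variables are assumptions made for this illustration.

```python
import hashlib
import os
import tempfile

# Environment variables that steer the dynamic linker (subset assumed for this example).
LINKER_ENV = ("LD_PRELOAD", "LD_LIBRARY_PATH")

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def measure(deps, env):
    """Measure every startup dependency: files by content, linker variables by value."""
    m = {}
    for role, path in deps.items():
        m["file:" + role] = sha256_file(path) if os.path.isfile(path) else "MISSING"
    for name in LINKER_ENV:
        m["env:" + name] = hashlib.sha256(env.get(name, "").encode()).hexdigest()
    return m

def verify(baseline, current):
    """Return the sorted labels whose measurement differs from the baseline."""
    return sorted(k for k in baseline.keys() | current.keys()
                  if baseline.get(k) != current.get(k))

def demo():
    """Constructed scenario: record a baseline, verify a clean start, then a changed one."""
    with tempfile.TemporaryDirectory() as d:
        samples = {"executable": b"\x7fELF app", "linker": b"\x7fELF ld.so",
                   "libdemo.so": b"\x7fELF lib v1", "config": b"mode=prod\n"}
        deps = {}
        for role, data in samples.items():
            deps[role] = os.path.join(d, role)
            with open(deps[role], "wb") as f:
                f.write(data)
        baseline = measure(deps, {})
        clean = verify(baseline, measure(deps, {}))
        with open(deps["libdemo.so"], "wb") as f:   # shared library changed on disk
            f.write(b"\x7fELF lib v2")
        env = {"LD_PRELOAD": os.path.join(d, "hook.so")}  # variable absent from baseline
        tampered = verify(baseline, measure(deps, env))
        return clean, tampered

if __name__ == "__main__":
    clean, tampered = demo()
    print("clean start mismatches:", clean)
    print("changed start mismatches:", tampered)
```

A verifier built this way would refuse to start the application whenever `verify` returns a non-empty list.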
Keywords/Search Tags:Trusted computing, Dynamic trust verification, Data integrity, Behavioral integrity, Application trusted