CN101827091A - Method for detecting Solaris system fault by utilizing mandatory access control - Google Patents

Publication number: CN101827091A
Authority: CN (China)
Application number: CN201010133100A
Legal status: Pending
Other languages: Chinese (zh)
Inventors: 周水波, 宋桂香
Current Assignee: Inspur Electronic Information Industry Co Ltd
Original Assignee: Langchao Electronic Information Industry Co Ltd
Prior art keywords: access control, user, internet resources, file, access

Landscapes

  • Storage Device Security (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention provides a fault detection technique for the Solaris system that uses mandatory access control to handle Solaris operating system faults quickly and to locate the fault point quickly. Compared with traditional least-privilege security measures, detecting system faults by means of mandatory access control quickly detects and locates faults caused by attacks on the Solaris system, including known or unknown virus programs, rootkit-level backdoor Trojan horses and the like. Mandatory access control (MAC) is divided into two parts: one is user-based access control over files, the other is process-based access control over files. A process is bound to a user when it runs, so the process itself is also a subject. When an object is protected by a security label, even the root user cannot access the object unless it holds the MAC authority.

Description

A method for detecting Solaris system faults by utilizing mandatory access control
Technical field
The present invention relates to the field of Solaris system kernel hardening, in particular to communication between the user layer and the system layer. Specifically, it is a method based on ROST (Reinforcement Operating System Technique) whose core is to reconstruct the operating system's permission access model at the kernel layer of the Solaris system, implementing true mandatory access control in order to handle server faults and quickly locate the fault point and its cause.
Technical background
The Solaris operating system runs a large number of system processes with superuser privileges, which gives programs functions such as reading and modifying other processes, memory and I/O devices. Although this gives system processes the privileges they need to carry out their tasks, it also gives them unnecessary access rights, allowing them to access other protected parts of the system. Hackers exploit vulnerabilities in poorly designed code (such as buffer overflows and data corruption) to control or break into the server, and rely on this elevated privilege to obtain superuser access to the computer.
The main security problems are:
(1) Superuser privilege
The super administrator's privileges are too broad: the super administrator has privileges that no other user has, so whoever obtains super administrator privileges gains complete control of the computer system.
(2) Simple account management
For an intruder, the most direct way into the system is to obtain a user account; current methods of obtaining account passwords and current cracking tools have rendered Solaris user passwords ineffective.
(3) Simple file access control
A user who enters the system obtains the right to use system files. File access is controlled only by setting file access permission modes, and the system has no mandatory security access control mechanism, which makes things convenient for attackers.
(4) A large number of processes have superuser privileges
The Solaris operating system runs a large number of system processes with superuser privileges, which gives programs functions such as reading and modifying other processes, memory and I/O devices. Hackers exploit vulnerabilities in these processes (such as buffer overflows and data corruption) to control or break into the server.
(5) Weak audit protection
Although Solaris provides an audit function, it places almost no restriction on access to audit data, which can be freely queried and may be modified; in particular, integrity protection for audit data is lacking.
(6) Insecure network applications
Network application software contains too much useless code. This worthless code is itself a serious security problem.
At present, as is well known, for any virus or Trojan horse to do damage it must carry out the following steps:
(1) Write to memory, replace core system files.
(2) Modify system configuration files.
(3) Create a process and add itself to the system start-up items or services.
Other causes of system faults are mainly the following:
(1) Critical files, such as boot files, are missing or have been deleted by mistake.
(2) Configuration files, such as the server's network parameters, are maliciously changed.
(3) Malicious drivers are loaded.
(4) Critical operating system files are modified or replaced.
In summary, network administrators worry about "hacker" attacks, users fear losing data, and government bodies are concerned about whether state secrets are safe; this series of problems makes building a secure network operating system very urgent. Precisely because of the common security problems above, it is urgent to develop a technology that can quickly handle operating system faults, restore system services and quickly locate the fault point. Combining this technology with traditional security techniques to quickly detect and handle operating system faults will become a trend in the future development of system security technology.
Summary of the invention
The purpose of the invention is to provide a fault detection technique for the Solaris operating system.
The purpose of the invention is achieved in the following manner, comprising the following:
1) Mandatory access control (MAC)
Mandatory access control (MAC) is divided into two major parts: one is user-based access control over files, the other is process-based access control over files. A process is bound to a user when it runs, so the process itself is also a subject. When an object is protected by a security label, even the root user cannot access the object unless it holds the MAC authority;
2) Mandatory access control for user networking
Network resources are divided into two classes: one is actively binding a socket port, the other is connecting to remote network resources. By default every user is forbidden to use both classes, that is, no user is allowed to bind ports or connect to remote network resources, so as to prevent hackers who have illegally obtained control privileges from creating covert channels in the system and stealing network resources, and to prevent users from leaking important confidential files over the network;
3) The operating system's permission access model is reconstructed at the kernel layer of the operating system to implement mandatory access control, and the mandatory access control technique is used to detect and handle system faults quickly. The steps are as follows:
At initialization, the file system filter driver inserts the access rules one by one, and it allows specified nodes to be added or deleted dynamically at run time, so as to intercept I/O requests from all users or processes to files or directories. When an I/O request to a file or directory is intercepted, the driver traverses the rule linked list and filters according to the access rules: requests that match the rules are passed on to the original service function immediately, and all others are discarded;
At initialization, the process protection filter driver inserts the access rules one by one, and it allows specified nodes to be added or deleted dynamically at run time, so as to intercept all traversal requests for processes. When a process traversal request is intercepted, the driver modifies the process list according to the rule linked list and passes the modified list to the original service function;
At initialization, the network resource protection driver inserts, one by one, the access rules for all user port binding and remote network connections, and it allows specified network connections to be permitted or refused dynamically at run time, so as to intercept all traversal requests. When a request to connect to network resources is intercepted, the driver filters it according to the network resource access control list and passes legitimate requests to the original service function.
The beneficial effects of the invention are as follows: the Solaris server fault detection method of the invention controls basic system resources such as files, directories, processes and network access in order to detect operating system faults quickly and to resolve the problems caused by viruses, Trojan horses and the like. Because operating system resources are protected by mandatory access control, the extent and cause of damage to the system can be learned directly, so that faults can be repaired quickly.
A security kernel module is added at the driver layer (layer 0) to intercept and record all kernel access paths, thereby meeting the technical requirement of handling Solaris server faults; the security effect achieved is similar to that of reconstructing the operating system code. The benefit is that the customer's business continuity is not affected and the customer does not even need to restart the system. All upper-layer applications are supported, as are all lower-layer systems and machines, so the security of upper-layer applications can be guaranteed at operating system granularity.
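The file system filter driver step above (rule linked list, run-time add and delete, match or discard) together with the recording of refused accesses, modelled in user space as an added example; it is not code from the patent or from any Solaris driver. The rule fields, function names and sample paths are assumptions; as in the text, a request that matches no rule is discarded, and uid 0 receives no exemption.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* User-space model of the rule linked list; every name here is hypothetical. */
enum { OP_READ = 1, OP_WRITE = 2 };
struct mac_rule {
    unsigned uid;     /* user bound to the requesting process */
    char proc[32];    /* process name; "*" = any process of that user */
    char prefix[64];  /* protected object: canonical path, no trailing '/' */
    int ops;          /* operations this subject may perform */
    struct mac_rule *next;
};
static struct mac_rule *rules;  /* head of the rule linked list */
int denied_count;               /* denials recorded for fault localisation */
char last_denied[160];          /* most recent denial record */

/* Insert one rule node, at initialisation or at run time. */
int mac_add_rule(unsigned uid, const char *proc, const char *prefix, int ops) {
    struct mac_rule *r = calloc(1, sizeof *r);
    if (r == NULL) return -1;
    r->uid = uid; r->ops = ops;
    snprintf(r->proc, sizeof r->proc, "%s", proc);
    snprintf(r->prefix, sizeof r->prefix, "%s", prefix);
    r->next = rules; rules = r;
    return 0;
}

/* Delete the specified node(s) at run time; returns how many were removed. */
int mac_del_rule(unsigned uid, const char *proc, const char *prefix) {
    struct mac_rule **pp = &rules, *r;
    int removed = 0;
    while ((r = *pp) != NULL) {
        if (r->uid == uid && !strcmp(r->proc, proc) && !strcmp(r->prefix, prefix)) {
            *pp = r->next; free(r); removed++;
        } else {
            pp = &r->next;
        }
    }
    return removed;
}

/* Match whole path components so "/etc/inet" does not cover "/etc/inetd.conf". */
static int under(const char *path, const char *prefix) {
    size_t n = strlen(prefix);
    return strncmp(path, prefix, n) == 0 && (path[n] == '\0' || path[n] == '/');
}

/* Intercepted request: 1 = hand to the original service function, 0 = discard. */
int mac_check(unsigned uid, const char *proc, const char *path, int op) {
    for (struct mac_rule *r = rules; r != NULL; r = r->next)
        if (r->uid == uid && (!strcmp(r->proc, "*") || !strcmp(r->proc, proc)) &&
            under(path, r->prefix) && (r->ops & op) == op)
            return 1;  /* uid 0 gets no shortcut: root needs a rule too */
    denied_count++;    /* no rule matched: record the denial, then discard */
    snprintf(last_denied, sizeof last_denied, "DENY uid=%u proc=%s op=%d path=%s",
             uid, proc, op, path);
    return 0;
}

int main(void) {
    mac_add_rule(0, "inetd", "/etc/inet", OP_READ);  /* constructed sample rule */
    printf("%d\n", mac_check(0, "inetd", "/etc/inet/hosts", OP_READ));
    printf("%d %s\n", mac_check(0, "sh", "/etc/inet/hosts", OP_READ), last_denied);
    return 0;
}
```

Paths are assumed to be canonical already; a filter that matches on names has to resolve symbolic links and `..` components before comparing, or match on the object's label instead of its path.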
Description of drawings
Fig. 1 is a logic block diagram in which the access control interface is prevented from accessing the kernel directly, an access monitor is added, and accesses pass through the security kernel so that faults are handled and detected.
Embodiment
The method of the invention is described in detail below with reference to the accompanying drawing.
It mainly consists of the following modules:
1. Mandatory access control (MAC)
Mandatory access control (MAC) is divided into two major parts: one is user-based access control over files, the other is process-based access control over files. A process is bound to a user subject when it runs, so the process itself is also a subject. When an object is protected by a security label, even the root user cannot access the object unless it holds the MAC authority.
2. Preventing abnormal termination of important system processes
To prevent hackers from stopping important system processes, a mechanism is provided that keeps certain important processes from being abnormally terminated by anyone, thereby guaranteeing normal operation of the service.
3. Mandatory access control for user networking
Network resources are divided into two classes: one is actively binding a socket port, the other is connecting to remote network resources. By default every subject (user) is forbidden to use both classes, that is, no user is allowed to bind ports or connect to remote network resources. This prevents hackers who have illegally obtained control privileges from creating covert channels in the system and stealing network resources, and prevents users from leaking important confidential files over the network, and so on.

Claims (1)

1. A method for detecting Solaris system faults by utilizing mandatory access control, characterized in that it comprises the following:
1) Mandatory access control (MAC)
Mandatory access control (MAC) is divided into two major parts: one is user-based access control over files, the other is process-based access control over files. A process is bound to a user when it runs, so the process itself is also a subject. When an object is protected by a security label, even the root user cannot access the object unless it holds the MAC authority;
2) Mandatory access control for user networking
Network resources are divided into two classes: one is actively binding a socket port, the other is connecting to remote network resources. By default every user is forbidden to use both classes, that is, no user is allowed to bind ports or connect to remote network resources, so as to prevent hackers who have illegally obtained control privileges from creating covert channels in the system and stealing network resources, and to prevent users from leaking important confidential files over the network;
3) The operating system's permission access model is reconstructed at the kernel layer of the operating system to implement mandatory access control, and the mandatory access control technique is used to detect and handle system faults quickly. The steps are as follows:
At initialization, the file system filter driver inserts the access rules one by one, and it allows specified nodes to be added or deleted dynamically at run time, so as to intercept I/O requests from all users or processes to files or directories. When an I/O request to a file or directory is intercepted, the driver traverses the rule linked list and filters according to the access rules: requests that match the rules are passed on to the original service function immediately, and all others are discarded;
At initialization, the process protection filter driver inserts the access rules one by one, and it allows specified nodes to be added or deleted dynamically at run time, so as to intercept all traversal requests for processes. When a process traversal request is intercepted, the driver modifies the process list according to the rule linked list and passes the modified list to the original service function;
At initialization, the network resource protection driver inserts, one by one, the access rules for all user port binding and remote network connections, and it allows specified network connections to be permitted or refused dynamically at run time, so as to intercept all traversal requests. When a request to connect to network resources is intercepted, the driver filters it according to the network resource access control list and passes legitimate requests to the original service function.
CN201010133100A 2010-03-26 2010-03-26 Method for detecting Solaris system fault by utilizing mandatory access control Pending CN101827091A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201010133100A CN101827091A (en) 2010-03-26 2010-03-26 Method for detecting Solaris system fault by utilizing mandatory access control

Publications (1)

Publication Number Publication Date
CN101827091A true CN101827091A (en) 2010-09-08

Family

ID=42690794

Country Status (1)

Country Link
CN (1) CN101827091A (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101788944A (en) * 2010-01-25 2010-07-28 浪潮电子信息产业股份有限公司 Method for detecting failures of AIX system by means of mandatory access control

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103065098A (en) * 2011-10-24 2013-04-24 联想(北京)有限公司 Access method and electronic device
CN102663321A (en) * 2012-04-24 2012-09-12 百度在线网络技术(北京)有限公司 Security enhancement system and method for software
CN103428032A (en) * 2013-08-19 2013-12-04 杭州华三通信技术有限公司 Attack positioning and assistant positioning device and method
CN103428032B (en) * 2013-08-19 2016-11-09 杭州华三通信技术有限公司 A kind of attack location, auxiliary locator and method
CN106228078A (en) * 2016-07-29 2016-12-14 浪潮电子信息产业股份有限公司 Safe operation method based on enhanced ROST under Linux
CN106101149A (en) * 2016-08-15 2016-11-09 深圳前海信息技术有限公司 Based on accessing the process access control method and device controlling list
CN106101149B (en) * 2016-08-15 2019-05-17 深圳前海信息技术有限公司 Process access control method and device based on accesses control list
WO2019237864A1 (en) * 2018-06-12 2019-12-19 杨力祥 Security user architecture and authority control method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20100908