CN104112089A - Multi-strategy integration based mandatory access control method - Google Patents

Info

Publication number: CN104112089A
Application number: CN201410340911.9A
Authority: CN (China)
Legal status: Granted (active)
Other languages: Chinese (zh)
Other versions: CN104112089B (en)
Inventors: 廖湘科, 魏立峰, 陈松政, 罗军, 黄辰林, 丁滟, 董攀, 付松龄, 杨诏钧, 孙利杰, 罗求
Current assignee: National University of Defense Technology
Original assignee: National University of Defense Technology
Application filed by National University of Defense Technology; priority to CN201410340911.9A; published as CN104112089A and granted as CN104112089B.

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45 Structures or tools for the administration of authentication
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2113 Multi-level security, e.g. mandatory access control

Abstract

The invention discloses a multi-strategy integration based mandatory access control method. The method comprises the following steps: constructing a multi-strategy integration memory file system; when the operating system loads the kernel, initializing and loading the multi-strategy integration memory file system and establishing an in-kernel security policy pool in the operating system kernel according to the stored security policy information; intercepting a system call request issued by a process, judging whether the execution object exists and, if it does, judging in parallel whether the operation of the subject on the object in the system call request meets the requirements of each security policy, generating a judgment result for each policy; comprehensively generating the authorization check result for the system call request from those judgment results, and executing the operation of the subject on the object in the system call request only when the check passes. The method integrates multiple security policies to perform comprehensive and highly efficient mandatory access control, and has the advantages of flexible configuration, simple integration, extensibility, high security, ease of use and high efficiency.

Description

Multi-strategy integration based mandatory access control method
Technical field
The present invention relates to the field of information security technology, and specifically to a mandatory access control method based on multi-strategy integration.
Background technology
At present, with the continuous expansion and large-scale application of networks, intrusions by viruses, Trojan horses, worms and the like are increasingly rampant and pose a severe challenge to information security. Moreover, because networked applications are diverse and complex, an information system that relies on a single security policy can no longer meet the security requirements for protecting its applications. With the development of information security technology, mandatory access control technology is increasingly favored in this field: it can protect an information system at multiple levels so that it is not easily compromised by viruses, Trojan horses and similar intrusions, and thereby protects its applications. Information security based on mandatory access control has produced many security models and security policies. Security models include the confidentiality protection model based on BLP (Bell-LaPadula), the integrity protection model based on Biba, the multi-domain control model based on DTE (Domain and Type Enforcement), and the capability-based capability management model based on RBAC (Role-Based Access Control); representative security policies include SELinux, which has been integrated into the Linux kernel. Although information systems have so many security models, the SELinux policy has been integrated, and multiple security models realize highly secure mandatory access control for a system, existing mandatory access control still has the following deficiencies with respect to the complex security requirements of current multi-application scenarios:
1. The BLP-based confidentiality protection model, the Biba-based integrity protection model, the DTE-based multi-domain control model and the RBAC-based capability management model each protect different objects and must work together to provide better security protection. Representative security policies integrated into the Linux kernel, such as SELinux, implement these security models jointly in a tightly coupled manner; this achieves simultaneous protection by multiple security mechanisms, but it is difficult to extend or coordinate the policies, and individual security mechanisms cannot be configured separately, which makes security configuration difficult, inflexible and poorly extensible.
2. Confidentiality protection and integrity protection are both important components of information security, but because confidentiality protection forbids reading up and writing down while integrity protection forbids reading down and writing up, existing implementations find it difficult to make a confidentiality protection policy and an integrity protection policy coexist. For example, the mandatory access control integrated into existing Linux has only a multi-level security policy and no integrity protection policy, so it cannot meet the need to protect confidentiality and integrity at the same time.
3. The mandatory access control checks performed by current information systems use serial decision making; when several sets of mandatory access control checks exist, this tends to cause a considerable loss of access control efficiency.
Summary of the invention
The technical problem to be solved by the present invention is: in view of the above technical problems of the prior art, to provide a multi-strategy integration based mandatory access control method that can integrate multiple security policies to perform comprehensive and highly efficient mandatory access control, and that is flexible to configure, simple to integrate, extensible, highly secure, easy to use and highly efficient.
To solve the above technical problems, the technical solution provided by the present invention is:
A multi-strategy integration based mandatory access control method, whose implementation steps are as follows:
1) Construct a multi-strategy integration memory file system that provides an interaction entry point for user space and kernel space; the multi-strategy integration memory file system stores the security policy information of multiple security policies;
2) When the operating system loads the kernel, initialize and load the multi-strategy integration memory file system, and establish an in-kernel security policy pool in the operating system kernel according to the stored security policy information;
3) Capture a system call request issued by a process in the operating system and judge whether the execution object of the system call request exists; if it does not exist, exit. Otherwise, judge in parallel whether the operation of the subject on the object in the system call request meets the requirements of each security policy in the in-kernel security policy pool, generating a judgment result for each policy; if any judgment result does not meet its security policy, exit directly. Comprehensively generate the permission check result for the system call request from the judgment results of the security policies, and execute the operation of the subject on the object in the system call request only when the check passes.
Preferably, the detailed steps of step 1) are as follows:
1.1) Create in the operating system a /msifs directory for mounting the multi-strategy integration memory file system; only the system security officer has read and write access to the /msifs directory;
1.2) Under the /msifs directory, create a multi-strategy integration status file msistatus and a multi-strategy integration global constraint check result file access. The msistatus file records the enable/disable state of the multi-strategy integration memory file system in the current operating system, and the access file records the result of the security constraint check that is performed on all judgment results according to the constraint relations between the security policies in the in-kernel security policy pool;
1.3) Under the operating system's /etc/ directory, create a security configuration file msiconf, a security constraint file msiconstraint, and an out-of-kernel policy rule pool directory msipolicys. The msiconf file configures, for the next start of the operating system, the enable/disable state of the multi-strategy integration memory file system and the enable/disable and storage information of the multiple security policies. The msiconstraint file configures the lateral constraints that are applied to the judgment results once all judgment results have been received as meeting their security policies. Under the out-of-kernel policy rule pool directory msipolicys there are multiple security policy subdirectories supported by the out-of-kernel policy rule pool; each security policy subdirectory is named after the corresponding security policy and stores that security policy's policy-loading status information file version and its rule information directory policy, and the rule information directory policy stores the permission check rules of that security policy.
Preferably, the detailed steps of step 2) are as follows:
2.1) After the operating system loads the kernel, read the command parameter information in the operating system boot program; if the command parameter information contains the parameter that enables the multi-strategy integration memory file system, go to step 2.2); otherwise go to step 2.10);
2.2) After the operating system mounts the root directory /, mount the /msifs directory as the multi-strategy integration memory file system;
2.3) Read the security configuration file msiconf, and from it read the enable/disable state of the multi-strategy integration memory file system and the enable/disable and storage information of the multiple security policies for the next start of the operating system;
2.4) Judge whether the security configuration file msiconf enables the multi-strategy integration memory file system; if it does, go to step 2.5), otherwise go to step 2.10);
2.5) Among all the security policies stored in the security configuration file msiconf, take one not yet processed security policy as the current security policy;
2.6) First read the enable/disable information of the current security policy from the command parameter information in the operating system boot program; if it is "enabled", further read the enable/disable information of the current security policy from the security configuration file msiconf. If the enable/disable information of the current security policy is "enabled" in both the command parameter information and the security configuration file msiconf, go to step 2.7); otherwise go to step 2.8);
2.7) Under the /msifs directory, create an in-kernel security policy subdirectory named after the current security policy; load the policy-loading status information file version of the current security policy from the out-of-kernel policy rule pool directory msipolicys into the in-kernel security policy subdirectory; create a security policy status file status under the in-kernel security policy subdirectory and set it to the enabled state; create under the in-kernel security policy subdirectory a policy permission check result information file access for storing the permission check results of the current security policy; and load the permission check rules from the rule information directory policy of the current security policy under the out-of-kernel policy rule pool directory msipolicys into the in-kernel security policy subdirectory, thereby completing the initialization of the current security policy in the in-kernel security policy pool;
2.8) Under the /msifs directory, create an in-kernel security policy subdirectory named after the current security policy, and create a security policy status file status under it set to the disabled state;
2.9) Judge whether the current security policy is the last security policy stored in the security configuration file msiconf. If not, take another not yet processed security policy as the current security policy and go to step 2.6). Otherwise, judge the initialization of the in-kernel security policy pool complete, store the names of the security policies in the in-kernel security policy pool as a kernel security linked list, and then monitor in real time, for each security policy, the policy-loading status information file version in the out-of-kernel policy rule pool against the policy-loading status information file version under the in-kernel security policy subdirectory; if these two version files differ for any security policy, judge that the security policy has been updated in the out-of-kernel policy rule pool, and load the permission check rules from the rule information directory policy of that security policy under the out-of-kernel policy rule pool directory msipolicys into the in-kernel security policy subdirectory corresponding to that security policy, thereby completing the synchronous update of that security policy in the in-kernel security policy pool; go to step 2.10);
2.10) Load the other partitions of the operating system according to the contents of the operating system's /etc/fstab file, and judge whether the command parameter information in the operating system boot program contains the option to add security labels to files. If the option to add security labels to files is present, select one security policy from the in-kernel security policy pool as the current security policy and go to step 2.11); otherwise exit;
2.11) Label all files of the system defined by the current security policy with their security labels under the current security policy, and write the labels into the extended attributes of those files;
2.12) Judge whether the current security policy is the last security policy in the in-kernel security policy pool. If not, select a not yet traversed security policy from the in-kernel security policy pool as the current security policy and go to step 2.11); otherwise all files in the operating system now carry multi-policy security labels, and initialization of the multi-strategy integration memory file system MSI is complete.
Preferably, the detailed steps of step 3) are as follows:
3.1) Capture a system call request issued by a process in the operating system;
3.2) Judge whether the execution object of the system call request exists; if the execution object does not exist, report an error and exit; otherwise, if the execution object exists, go to step 3.3);
3.3) Read the multi-strategy integration memory file system: first query in the multi-strategy integration status file msistatus whether the enable/disable state set for the multi-strategy integration memory file system is "enabled"; if the state is enabled, go to step 3.4); if the state is disabled, go to step 3.6);
3.4) Read each security policy in the kernel security linked list of the in-kernel security policy pool and, in parallel, take each security policy as the current security policy: read the in-kernel security policy subdirectory corresponding to the current security policy under the /msifs directory and judge the enable/disable state of the security policy status file status under that subdirectory. If the state is enabled, obtain the security labels assigned to the subject and object of the system call request under the current security policy in the in-kernel security policy pool, and make the permission judgment on those security labels according to the permission check rules of the current security policy in the in-kernel security policy pool. If the permission check rules of the current security policy grant the subject's and object's security labels the operation permission, write a judgment result of "meets the security policy" into the policy permission check result information file access under the in-kernel security policy subdirectory corresponding to the current security policy; if the permission check rules of the current security policy do not grant the operation permission, write a judgment result of "does not meet the security policy" into that access file, judge that the constraint check for the system call request fails, exit the execution of the system call request and report insufficient privilege. If the state is disabled, finish processing the current security policy directly. Finally, after all security policies have been processed, go to the next step;
3.5) Read each security policy in the kernel security linked list of the in-kernel security policy pool, obtain the enable/disable state of the security policy status file status under the in-kernel security policy subdirectory corresponding to that security policy, and apply the lateral constraint judgment recorded in the security constraint file msiconstraint to the return values of the policy permission check result information files access under the in-kernel security policy subdirectories of all security policies whose state is enabled. If the lateral constraint condition is not met, judge that the constraint check for the system call request fails, exit the execution of the system call request and report insufficient privilege; otherwise judge that the constraint check passes and go to step 3.6);
3.6) Execute the operation of the subject on the object in the system call request.
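As an added illustration (not code from the patent or its authors), the following Python simulates steps 3.2 to 3.6 for an in-kernel pool holding a BLP confidentiality policy and a Biba integrity policy, the two policies the background section says are hard to make coexist: each enabled policy judges the request in its own thread, the first "does not meet" result ends the check early (the point of advantage 2), every result is appended to a per-policy list standing in for the access file, and a lateral constraint read from msiconstraint is then applied only to the results of the enabled policies. The label model (integer levels keyed by policy name), the msiconstraint syntax, and all function and class names are assumptions; the patent names the files but gives no formats.

```python
from concurrent.futures import ThreadPoolExecutor, as_completed
from dataclasses import dataclass, field

@dataclass
class Policy:
    """One entry of the in-kernel security policy pool (/msifs/<name>/)."""
    name: str
    enabled: bool                 # stands in for /msifs/<name>/status
    check: callable               # permission check rules of this policy
    access: list = field(default_factory=list)   # stands in for /msifs/<name>/access

def blp_check(subj, obj, op):
    """BLP confidentiality: no read up, no write down (labels are integer levels)."""
    s, o = subj["blp"], obj["blp"]
    return s >= o if op == "read" else s <= o

def biba_check(subj, obj, op):
    """Biba integrity: no read down, no write up."""
    s, o = subj["biba"], obj["biba"]
    return s <= o if op == "read" else s >= o

# Constructed msiconstraint syntax (assumed): "<op>: require <policy>,<policy>"
# means <op> is permitted only if every listed policy is enabled and said "meets".
SAMPLE_MSICONSTRAINT = "write: require blp,biba\n"

def parse_msiconstraint(text):
    constraints = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        op, _, rest = line.partition(":")
        parts = rest.strip().split(None, 1)
        if len(parts) == 2 and parts[0] == "require":
            constraints[op.strip()] = {n.strip() for n in parts[1].split(",")}
    return constraints

def make_pool(blp_enabled, biba_enabled):
    """Constructed in-kernel pool with the two policies the page contrasts."""
    return {"blp": Policy("blp", blp_enabled, blp_check),
            "biba": Policy("biba", biba_enabled, biba_check)}

def check_request(pool, msistatus_enabled, subj, obj, op, constraints):
    """Steps 3.2-3.6 for one system call request; returns (allowed, reason)."""
    if obj is None:                                  # 3.2: execution object missing
        return False, "object does not exist"
    if not msistatus_enabled:                        # 3.3: MSI disabled -> go to 3.6
        return True, "msi disabled"
    enabled = [p for p in pool.values() if p.enabled]
    # 3.4: every enabled policy judges in parallel; the first deny ends the check.
    with ThreadPoolExecutor(max_workers=max(1, len(enabled))) as ex:
        futures = {ex.submit(p.check, subj, obj, op): p for p in enabled}
        for fut in as_completed(futures):
            policy = futures[fut]
            allowed = fut.result()
            policy.access.append(allowed)            # record in .../<name>/access
            if not allowed:
                for other in futures:                # early exit: drop pending checks
                    other.cancel()
                return False, f"insufficient privilege: {policy.name}"
    # 3.5: lateral constraint over the results of the enabled policies only.
    results = {p.name: p.access[-1] for p in enabled}
    for name in sorted(constraints.get(op, ())):
        if not results.get(name, False):
            return False, f"constraint failed: {op} requires {name}"
    return True, "allowed"                           # 3.6: execute the operation

if __name__ == "__main__":
    cons = parse_msiconstraint(SAMPLE_MSICONSTRAINT)
    pool = make_pool(True, True)
    user = {"blp": 2, "biba": 1}          # secret clearance, low integrity
    public = {"blp": 1, "biba": 1}        # public, low integrity
    print(check_request(pool, True, user, public, "read", cons))
    print(check_request(pool, True, user, public, "write", cons))
```

Note that cancelling futures only stops checks that have not started; a policy already running completes and still appends its result, which mirrors step 3.4 where each policy writes its own access file independently of the early exit.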
The multi-strategy integration based mandatory access control method of the present invention has the following advantages:
1. The present invention constructs a multi-strategy integration memory file system that provides an interaction entry point for user space and kernel space and stores the security policy information of multiple security policies. The multi-strategy integration memory file system can efficiently integrate security models such as the BLP-based confidentiality protection model, the Biba-based integrity protection model, the DTE-based multi-domain control model and the RBAC-based capability management model, allows each of the multiple policies to be managed and switched on or off separately, supports the integration of multiple security policies, effectively overcomes the defect that a single security policy can hardly provide complete protection, and achieves all-round security control.
2. The present invention judges in parallel whether the operation of the subject on the object in a system call request meets the requirements of each security policy in the in-kernel security policy pool, each policy outputting its own judgment result, and receives the judgment results serially in turn. If any judgment result received does not meet its security policy, execution of the system call request is aborted and insufficient permission is reported; if all judgment results received meet their security policies, a security constraint check is performed on all judgment results according to the constraint relations between the security policies in the in-kernel security policy pool. If the security constraint check passes, the operation of the subject on the object in the system call request is executed; if it fails, execution of the system call request is aborted and a security constraint check failure is reported. The multi-policy permission judgment is highly efficient: compared with serial multi-policy judgment, the parallel policy check exits directly as soon as any judgment result does not meet its security policy, so execution can be aborted as early as possible once one policy lacks the permission. The method can accommodate multi-level security policies for both confidentiality and integrity, improves the efficiency of multi-policy permission checking, can integrate multiple security policies to perform comprehensive and highly efficient mandatory access control, and has the advantages of flexible configuration, simple integration, extensibility, high security, ease of use and high efficiency.
Brief description of the drawings
Fig. 1 is a schematic flow chart of the method of the embodiment of the present invention.
Fig. 2 is a schematic diagram of the implementation flow of step 2) in the embodiment of the present invention.
Fig. 3 is a schematic diagram of the structure of the kernel security linked list in the in-kernel security policy pool in the embodiment of the present invention.
Fig. 4 is a schematic diagram of the structure of the permission check process of each security policy in the in-kernel security policy pool in the embodiment of the present invention.
Fig. 5 is a schematic diagram of the system architecture of the MSI memory file system in the embodiment of the present invention.
Fig. 6 is a schematic diagram of the implementation flow of step 3) in the embodiment of the present invention.
Fig. 7 is a schematic diagram of the working principle of the MSI memory file system in the embodiment of the present invention.
Fig. 8 is a schematic diagram of the frame structure of the MSI memory file system in the embodiment of the present invention.
Embodiment
As shown in Fig. 1, the implementation steps of the multi-strategy integration based mandatory access control method of this embodiment are as follows:
1) Construct a multi-strategy integration (hereafter MSI) memory file system that provides an interaction entry point for user space and kernel space; the MSI memory file system stores the security policy information of multiple security policies;
2) When the operating system loads the kernel, initialize and load the MSI memory file system, and establish an in-kernel security policy pool in the operating system kernel according to the stored security policy information;
3) Capture a system call request issued by a process in the operating system and judge whether the execution object of the system call request exists; if it does not exist, exit. Otherwise, judge in parallel whether the operation of the subject on the object in the system call request meets the requirements of each security policy in the in-kernel security policy pool, generating a judgment result for each policy; if any judgment result does not meet its security policy, exit directly. Comprehensively generate the permission check result for the system call request from the judgment results of the security policies, and execute the operation of the subject on the object in the system call request only when the check passes.
In this embodiment, the detailed steps of step 1) are as follows:
1.1) Create in the operating system a /msifs directory for mounting the MSI memory file system; only the system security officer has read and write access to the /msifs directory;
1.2) Under the /msifs directory, create a multi-strategy integration status file msistatus and a multi-strategy integration global constraint check result file access. The msistatus file records the enable/disable state of the MSI memory file system in the current operating system, and the access file records the result of the security constraint check performed on all judgment results according to the constraint relations between the security policies in the in-kernel security policy pool;
1.3) Under the operating system's /etc/ directory, create a security configuration file msiconf, a security constraint file msiconstraint and an out-of-kernel policy rule pool directory msipolicys. The msiconf file configures, for the next start of the operating system, the enable/disable state of the MSI memory file system and the enable/disable and storage information of the multiple security policies. The msiconstraint file configures the lateral constraints applied to the judgment results once all judgment results have been received as meeting their security policies. Under the out-of-kernel policy rule pool directory msipolicys there are multiple security policy subdirectories supported by the out-of-kernel policy rule pool; each security policy subdirectory is named after the corresponding security policy and stores that security policy's policy-loading status information file version and its rule information directory policy, and the rule information directory policy stores the permission check rules of that security policy. Because in this embodiment each security policy subdirectory under msipolicys holds its own version file and its own rule information directory policy containing that policy's permission check rules, the out-of-kernel policy rule pool guarantees compatibility between the security policies, so that each security policy forms an orthogonal control that does not interfere with the others. The out-of-kernel policy rule pool is also dynamically reconfigurable: the system security officer can enable or disable any of the security policies and revise their policy rules at any time, and the changes take effect immediately without restarting the system to load policies. In addition, the out-of-kernel policy rule pool is flexibly customizable: according to different application security requirements, a single security policy, several security policies or exactly the required security policies can be customized and enabled.
As shown in Figure 2, the detailed steps of step 2) are as follows:
2.1) After the operating system has loaded the kernel, read the command parameter information of the operating system boot loader (in this embodiment, the GRUB cmdline). If the command parameters carry the parameter that enables the MSI memory file system, go to step 2.2); otherwise go to step 2.10);
2.2) After the operating system has mounted the root directory /, mount the /msifs directory as the MSI memory file system;
2.3) Read the security configuration file msiconf, which records, for the next operating system start, the enable/disable state of the MSI memory file system and the enable/disable and storage information of the several security policies;
2.4) Determine whether the MSI memory file system is enabled in the security configuration file msiconf; if it is, go to step 2.5), otherwise go to step 2.10);
2.5) From all security policies recorded in the security configuration file msiconf, take one that has not yet been processed as the current security policy strategy_name_i;
2.6) First read the enable/disable information of the current security policy strategy_name_i from the command parameter information of the boot loader. If it says enabled, further read the enable/disable information of strategy_name_i from the security configuration file msiconf. If both the command parameters and msiconf say that strategy_name_i is enabled, go to step 2.7); otherwise go to step 2.8);
2.7) Under the /msifs directory, create an in-kernel security policy sub-directory named after the current security policy strategy_name_i; load the policy-load status information file version of strategy_name_i from the out-of-kernel policy rule pool directory msipolicys into that in-kernel sub-directory; create the security policy state file status in the in-kernel sub-directory and set it to the enabled state; create in the in-kernel sub-directory the policy permission check result file access, which holds the permission check results of strategy_name_i; and load the permission check rules from the rule information directory policy of strategy_name_i under the out-of-kernel policy rule pool directory msipolicys into the in-kernel sub-directory. This completes the initialization of strategy_name_i in the in-kernel security policy pool;
2.8) Under the /msifs directory, create an in-kernel security policy sub-directory named after the current security policy strategy_name_i, create the security policy state file status in it and set it to the disabled state;
2.9) Determine whether strategy_name_i is the last security policy recorded in the security configuration file msiconf. If not, take another not-yet-processed policy as the current security policy strategy_name_i and go to step 2.6). Otherwise the initialization of the in-kernel security policy pool is judged complete, and the names of the policies in the in-kernel pool are stored in linked-list form as the kernel security linked list. From then on, real-time monitoring compares, for each security policy, the policy-load status information file version in the out-of-kernel policy rule pool with the file version in the policy's in-kernel sub-directory; if the two differ for any policy, that policy is judged to have been updated in the out-of-kernel policy rule pool, and its permission check rules are loaded from the rule information directory policy under the out-of-kernel policy rule pool directory msipolicys into the corresponding in-kernel sub-directory, completing the synchronous update of that policy in the in-kernel pool. Go to step 2.10);
2.10) Load the other partitions of the operating system according to the contents of the /etc/fstab file. Determine whether the command parameter information of the boot loader carries the option requesting that files be given security labels. If so, select one policy from the in-kernel security policy pool as the current security policy strategy_name_i and go to step 2.11); otherwise exit;
2.11) Label all system files defined by strategy_name_i with their security identifiers under strategy_name_i, writing the label into the extended attribute part of each file;
2.12) Determine whether strategy_name_i is the last policy in the in-kernel security policy pool. If not, select a policy from the pool that has not yet been visited as the current security policy strategy_name_i and go to step 2.11). Otherwise all files in the operating system now carry multi-policy security labels, and the initialization of the MSI memory file system is complete.
In this embodiment, an in-kernel security policy sub-directory named after the current security policy is created under the /msifs directory; the policy-load status information file version of that policy is loaded from the out-of-kernel policy rule pool directory msipolicys into the in-kernel sub-directory; the security policy state file status is created there and set to the enabled state; the policy permission check result file access, which holds the permission check results of that policy, is created there; and the permission check rules from the rule information directory policy under msipolicys are loaded into the in-kernel sub-directory, which completes the initialization of that policy in the in-kernel security policy pool. As a result, the in-kernel security policy pool keeps several security policies compatible, with each policy forming an orthogonal control that does not interfere with the others. The pool is also dynamically reconfigurable: the system security administrator can enable or disable any of the policies and revise their rules at any time, and the changes take effect immediately without restarting the system to reload policy. In addition, the in-kernel pool is flexibly customizable: according to the security needs of different applications, a single security policy, several security policies, or exactly the set of policies required can be enabled.
In this embodiment, when the MSI memory file system is initialized, the security attributes of each enabled policy in the label pool are written into the security domain of the file extended attributes, which labels the objects; the subject labels of all processes under each security policy are initialized from the security identifier values of init_contexts under each policy sub-directory of the MSI memory file system.
As shown in Figures 3 and 4, the kernel security linked list of the in-kernel security policy pool comprises a security domain and a data domain. In the security domain, the index node of each security policy is chained end to end, and each node holds the attribute label of the corresponding policy (strategy_name1:value1_a1, strategy_name2:value1_a2, ..., strategy_namen:value1_an). Each permission-checking process in the in-kernel pool likewise comprises a security domain and a data domain; in the security domain the security policies are chained end to end to form the process identification feature information, each item carrying the attribute label of its policy (strategy_name1:value1_a1, strategy_name2:value1_a2, ..., strategy_namen:value1_an). Each policy label in the security domain is stored in dictionary form, with a one-to-one correspondence between policy name and security identifier value, which is hard to confuse, and the orthogonal storage gives good compatibility. Whether a policy's security identifier is written into the security domain depends on whether that policy is currently enabled, so the identifiers of disabled policies are omitted. For a policy that the security administrator enables after MSI initialization, the policy can be relabelled and written into the file extended attributes with the security policy tool. For the case where a policy's security identifier has not yet been written into the object's extended attributes by labelling, the multi-policy fusion monitoring module obtains the newly enabled policy and informs the multi-policy access control module to fetch the subject and object labels of the current policy from the security identifier pool, so that the attribute check detects and extends the labels automatically, which improves the correspondence of labels across policies when subject and object permissions are checked.
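To make steps 2.1 to 2.12 and the dictionary-form labels of the security domain concrete, here is an added Python simulation (not code from the patent or its embodiment) that replays the initialization in user space under a temporary directory. The msiconf, cmdline and file_contexts formats, the "enabled"/"disabled" strings in the status file, and the read, write and make_demo_root helpers are this example's assumptions.

```python
"""Added example, not code from the patent: a user-space simulation of the MSI
memory file system initialisation in step 2.  The real mechanism runs in the
kernel; here /etc and /msifs are stand-ins under a temporary directory, and
the msiconf, cmdline and file_contexts formats are assumptions of this example."""
import os, shutil, tempfile

def read(path):
    with open(path) as fh:
        return fh.read().strip()

def write(path, text):
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "w") as fh:
        fh.write(text)

def parse_kv(text):
    """Assumed msiconf format: one 'key=value' per line, '1' meaning enabled."""
    pairs = (l.partition("=") for l in text.splitlines() if l.strip() and not l.startswith("#"))
    return {k.strip(): v.strip() for k, _, v in pairs}

def parse_cmdline(cmdline):
    """Assumed cmdline tokens: msifs=1 turns the file system on, <policy>=0|1 sets a policy."""
    return dict(tok.split("=", 1) for tok in cmdline.split() if "=" in tok)

def load_policy(root, name):
    """Step 2.7: copy 'version' and the rule directory 'policy' from the out-of-kernel
    rule pool etc/msipolicys/<name> into the in-kernel sub-directory msifs/<name>."""
    src, dst = (os.path.join(root, d, name) for d in ("etc/msipolicys", "msifs"))
    write(os.path.join(dst, "version"), read(os.path.join(src, "version")))
    shutil.copytree(os.path.join(src, "policy"), os.path.join(dst, "policy"), dirs_exist_ok=True)
    write(os.path.join(dst, "access"), "")   # per-policy check result, empty until step 3

def sync_policy_versions(root, pool):
    """Step 2.9: an enabled policy whose out-of-kernel 'version' differs from the
    in-kernel copy was updated in user space; reload its rules.  Returns names reloaded."""
    reloaded = []
    for name in pool:
        if read(os.path.join(root, "msifs", name, "status")) != "enabled":
            continue
        outer = read(os.path.join(root, "etc/msipolicys", name, "version"))
        if read(os.path.join(root, "msifs", name, "version")) != outer:
            load_policy(root, name)
            reloaded.append(name)
    return reloaded

def init_msifs(root, cmdline):
    """Steps 2.1-2.9.  Returns the in-kernel policy pool (the kernel security list)
    in msiconf order, or None when MSI is not enabled."""
    params = parse_cmdline(cmdline)
    if params.get("msifs") != "1":                          # 2.1: cmdline switch
        return None
    os.makedirs(os.path.join(root, "msifs"), exist_ok=True)  # 2.2: mount stand-in
    conf = parse_kv(read(os.path.join(root, "etc/msiconf")))  # 2.3
    if conf.get("msifs") != "1":                            # 2.4: msiconf switch
        return None
    pool = []
    for name in conf["policies"].split(","):                # 2.5
        status = os.path.join(root, "msifs", name, "status")
        # 2.6: a policy starts enabled only if BOTH the cmdline and msiconf enable it
        if params.get(name) == "1" and conf.get(name) == "1":
            write(status, "enabled")
            load_policy(root, name)                         # 2.7
        else:
            write(status, "disabled")                       # 2.8
        pool.append(name)
    sync_policy_versions(root, pool)                        # 2.9
    return pool

def label_files(root, pool, files):
    """Steps 2.10-2.12: one label per enabled policy for every file, in the
    dictionary form 'te:<id>,mls:<id>' described for the security domain.  The
    patent writes it to the file's extended attribute; the dict returned here stands
    in for that attribute store.  'file_contexts' (path -> id, 'default' fallback)
    is this example's assumed way for a policy to define its file labels."""
    labels = {}
    for name in pool:
        if read(os.path.join(root, "msifs", name, "status")) != "enabled":
            continue                                        # disabled: no label written
        ctx = dict(l.split() for l in read(os.path.join(root, "msifs", name, "policy",
                                                        "file_contexts")).splitlines())
        for path in files:
            labels.setdefault(path, []).append(f"{name}:{ctx.get(path, ctx['default'])}")
    return {p: ",".join(ids) for p, ids in labels.items()}

def make_demo_root():
    """Constructed sample /etc tree for the demo: policies te and mls."""
    root = tempfile.mkdtemp()
    tree = {
        "msiconf": "msifs=1\npolicies=te,mls\nte=1\nmls=1\n",
        "msipolicys/te/version": "1",
        "msipolicys/te/policy/rules": "allow user_t etc_t read\n",
        "msipolicys/te/policy/file_contexts": "default user_t\n/etc/passwd etc_t\n",
        "msipolicys/mls/version": "7",
        "msipolicys/mls/policy/rules": "s0 < s1 < s2\n",
        "msipolicys/mls/policy/file_contexts": "default s0\n/etc/passwd s1\n",
    }
    for rel, text in tree.items():
        write(os.path.join(root, "etc", rel), text)
    return root

if __name__ == "__main__":
    root = make_demo_root()
    pool = init_msifs(root, "msifs=1 te=1 mls=0")
    print(pool, label_files(root, pool, ["/etc/passwd", "/tmp/x"]))
```

Bumping a policy's out-of-kernel version file and calling sync_policy_versions again reproduces the hot reload of step 2.9 without re-running the whole initialization.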
As shown in Figure 5, this embodiment mainly involves two directories under the operating system root /: the /etc/ directory and the /msifs directory. Under /etc/ are the security configuration file msiconf, the security constraint file msiconstraint and the out-of-kernel policy rule pool directory msipolicys. Under msipolicys are the sub-directories of the several security policies supported by the out-of-kernel policy rule pool (where strategy_name_i denotes the i-th security policy; Figure 2 lists the four sub-directories te, mls, mic and rbac as examples). The te policy is implemented on a security-domain control model, the mls policy on a confidentiality protection model, the mic policy on an integrity protection model, and the rbac policy on a role-based access control model. Each sub-directory is named after its security policy and holds the policy-load status information file version and the rule information directory policy of that policy; the policy sub-directory holds the rules of the policy, used for rule checking by the multi-policy access control module. The /msifs directory is created by this embodiment for mounting the MSI memory file system at system initialization; it provides the system security administrator with policy interaction between user space and kernel space through the security command tool. Under /msifs are the multi-policy fusion status file msistatus and the multi-policy fusion global constraint check result file access; once the MSI memory file system has been loaded, /msifs also contains a sub-directory for each security policy strategy_name_i (Figure 2 lists te, mls, mic and rbac, corresponding to the in-kernel security policy sub-directories te, mls, mic and rbac). In this embodiment, each in-kernel security policy sub-directory contains at least the policy-load status information file version, the security policy state file status and the policy permission check result file access. The file version holds the state value of the policy's current load. The file status holds the policy's enable/disable state, and lets the system security administrator enable or disable the policy on demand with the security tool, without restarting the system or re-initializing the MSI memory file system. The file access temporarily holds the permission check result of the multi-policy access control module for this policy. In addition, each in-kernel security policy sub-directory contains the policy's permission check rules from the rule information directory policy under the out-of-kernel policy rule pool directory msipolicys, that is, a mapping of the policy-specific files under the policy's sub-directory of /etc/msipolicys. For example, taking the mls policy merged by MSI, an initial_contexts sub-directory can be created under /msifs/mls/, whose files are the mls security identifiers loaded at initialization.
As shown in Figure 6, the detailed steps of step 3) are as follows:
3.1) Capture the system call request issued by a process in the operating system;
3.2) Determine whether the execution object of the system call request exists; if it does not, report an error and exit; if it does, go to step 3.3);
3.3) Read the MSI memory file system and first query, in the multi-policy fusion status file msistatus, whether the enable/disable state of the MSI memory file system is set to enabled. If it is enabled, go to step 3.4); if it is disabled, go to step 3.6);
3.4) Read each security policy of the kernel security linked list in the in-kernel security policy pool and, in parallel, take each policy as the current security policy: read the in-kernel security policy sub-directory of the current policy under the /msifs directory and check the enable/disable state in its security policy state file status. If the state is enabled, obtain the security identifiers given to the subject and object of the system call request under the current policy in the in-kernel pool, and judge the permission by applying the permission check rules of the current policy to those identifiers. If the rules of the current policy grant the subject's and object's identifiers the operating permission, write a judgement that the security policy is met into the policy permission check result file access under the current policy's in-kernel sub-directory; if they do not, write a judgement that the security policy is not met there, judge that the constraint check of the system call request fails, exit the execution of the system call request and report insufficient permission. If the state is disabled, processing of the current policy ends directly. Finally, after all security policies have been processed, go to the next step;
3.5) Read each security policy of the kernel security linked list in the in-kernel pool, obtain the enable/disable state in the security policy state file status under the policy's in-kernel sub-directory, and apply the horizontal constraint conditions recorded in the security constraint file msiconstraint to the return values of the policy permission check result files access of all policies whose state is enabled. If the horizontal constraint conditions are not met, judge that the constraint check of the system call request fails, exit the execution of the system call request and report insufficient permission; otherwise judge that the constraint check passes and go to step 3.6);
3.6) Execute the operation of the subject on the object in the system call request.
Referring to Figure 4, for efficiency this embodiment takes each security policy as the current security policy in parallel, that is, it adopts a parallel queue-type judgement: when judging each security policy, permission detection runs in parallel, and after all policies have been processed the permission results are judged in a serial queue, so that as soon as the first returned policy rule fails detection, the whole process exits and reports that there is no permission.
In this embodiment, the multi-policy mandatory access control module applies the horizontal constraint conditions recorded in the security constraint file msiconstraint to the return values of the policy permission check result files access of all enabled policies. The security constraint file msiconstraint imposes a horizontal constraint, as an overall condition, after each single policy has passed its vertical check. This prevents situations that arise when several policies are merged, such as a high security level combined with a low-security user or a dangerous type, where each vertical check is reasonable on its own but the combination would let an unreasonable subject and object pass the permission check. This embodiment provides an interaction entry between the inside and outside of the kernel based on the MSI memory file system. First, the security policies are each stored separately in their own sub-directory of the MSI memory file system and do not depend on or disturb one another when policy rules are checked; even if one policy fails during checking, the access control checks of the other policies are unaffected, which makes it convenient for the security administrator to locate policy problems and gives loose coupling. Second, each security policy is a whole: from the policy store in user space, through update and load, to the loading of that policy library under the /msifs directory of MSI, it forms one continuous line and is updated in time by the multi-policy fusion monitoring module, which gives high cohesion.
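The parallel per-policy check of step 3.4, the serial fail-fast judgement of Figure 4 and the horizontal constraint of step 3.5, as an added Python simulation that is not part of the patent: the in-kernel policy pool and the access files are an in-memory dict, and the te, mls and mic rule formats, the msiconstraint encoding and the mac_decide function are assumptions of this example.

```python
"""Added example, not code from the patent: the step-3 decision path of the
multi-policy MAC module, simulated in user space.  The in-kernel policy pool and
the /msifs files are an in-memory dict here; the rule formats of the te, mls and
mic policies and the msiconstraint format are this example's assumptions."""
from concurrent.futures import ThreadPoolExecutor

# Constructed in-kernel policy pool: one entry per policy of the kernel security
# linked list, mirroring /msifs/<name>/{status, policy/rules, access}.
POOL = {
    "te":  {"status": "enabled",  "rules": {("user_t", "etc_t", "read"), ("admin_t", "etc_t", "write")}, "access": ""},
    "mls": {"status": "enabled",  "rules": {"s0": 0, "s1": 1, "s2": 2}, "access": ""},
    "mic": {"status": "disabled", "rules": {"low": 0, "high": 1}, "access": ""},
}
# Assumed msiconstraint content: a subject may not combine these per-policy labels,
# even when every single policy would allow the operation on its own.
MSICONSTRAINT = [{"te": "user_t", "mls": "s2"}]
MSISTATUS = "enabled"      # /msifs/msistatus: global switch of the memory file system
GLOBAL = {"access": ""}    # /msifs/access: global constraint check result

def parse_label(label):
    """Security-domain dictionary form 'te:user_t,mls:s1' -> {'te': 'user_t', ...}."""
    return dict(item.split(":", 1) for item in label.split(",") if item)

def check_te(rules, subj, obj, op):
    return (subj, obj, op) in rules

def check_mls(levels, subj, obj, op):
    """Confidentiality: read needs subject level >= object, write needs subject <= object."""
    s, o = levels[subj], levels[obj]
    return s >= o if op == "read" else s <= o

def check_mic(levels, subj, obj, op):
    """Integrity (Biba-style): read needs object integrity >= subject, write the reverse."""
    s, o = levels[subj], levels[obj]
    return o >= s if op == "read" else s >= o

CHECKERS = {"te": check_te, "mls": check_mls, "mic": check_mic}

def check_one_policy(name, subject, obj, op):
    """Step 3.4 for one policy: skip it if disabled, otherwise decide from the labels
    both sides hold under this policy and record the result in its access file."""
    entry = POOL[name]
    if entry["status"] != "enabled":
        return name, None
    if name not in subject or name not in obj:   # unlabelled under this policy: deny
        entry["access"] = "deny"
        return name, False
    ok = CHECKERS[name](entry["rules"], subject[name], obj[name], op)
    entry["access"] = "allow" if ok else "deny"
    return name, ok

def constraint_check(subject, results):
    """Step 3.5: horizontal constraint over the policies that returned a result.
    A constraint fires when every label it names matches the subject's label."""
    enabled = {n for n, r in results.items() if r is not None}
    for rule in MSICONSTRAINT:
        if set(rule) <= enabled and all(subject[n] == v for n, v in rule.items()):
            return False
    return True

def mac_decide(subject_label, object_label, op, object_exists=True):
    """Steps 3.1-3.6 for one captured system call.  Returns (verdict, per-policy
    results); the verdict is also written to the global /msifs/access stand-in."""
    if not object_exists:                                   # 3.2: missing object
        return "error: object missing", {}
    if MSISTATUS != "enabled":                              # 3.3: MSI off, execute
        return "allow", {}
    subject, obj = parse_label(subject_label), parse_label(object_label)
    with ThreadPoolExecutor() as ex:                        # 3.4: every policy in parallel
        results = dict(ex.map(lambda n: check_one_policy(n, subject, obj, op), POOL))
    if any(r is False for r in results.values()):          # Figure 4: serial fail-fast
        verdict = "deny: insufficient permission"
    elif not constraint_check(subject, results):           # 3.5: horizontal constraint
        verdict = "deny: constraint violated"
    else:
        verdict = "allow"                                   # 3.6: operation may run
    GLOBAL["access"] = verdict
    return verdict, results

if __name__ == "__main__":
    print(mac_decide("te:user_t,mls:s1", "te:etc_t,mls:s1", "read"))
    print(mac_decide("te:user_t,mls:s2", "te:etc_t,mls:s1", "read"))
```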
As shown in Figures 7 and 8, this embodiment provides, based on the MSI memory file system, a multi-policy mandatory access control module, a multi-policy fusion monitoring module and a multi-policy rule storage module. (1) The multi-policy fusion monitoring module supports the multi-policy mandatory access control module: it provides the lookup service for the kernel security linked list of the in-kernel security policy pool, obtains the enable/disable state and version value of each policy in the MSI memory file system and updates them into the kernel security linked list, and so provides the multi-policy access control module with the range of policies to check; it also provides the policy checking service both inside and outside the kernel. As shown in Figure 7, each security policy (security policy 1 to security policy n) has a corresponding set of labels, and the labels of all security policies form the subject and object label pool. The subject and object of a system call request are policy-checked by the multi-policy mandatory access control module, matched against the labels in the subject and object label pool, and after matching are compared with the permission check rules of each policy in the in-kernel pool (security policy 1 to security policy n) to obtain the judgement of whether each security policy is met. The multi-policy mandatory access control module writes the judgement into the policy permission check result file access under the current policy's in-kernel sub-directory and finally performs the constraint check on the system call request; only when the constraint check passes is the subject's operation on the object in the system call request executed. The multi-policy fusion monitoring module is mainly responsible for: obtaining the subject and object and performing the subject and object permission check; obtaining, according to the enable/disable state of each policy provided by the multi-policy fusion monitoring module, the security identifiers of the subject and object under the enabled policies; querying the permission rules of each policy's operation in the policy rule pool according to the subject and object security identifiers and the process operation; running the parallel judgement of the several policies through the multi-policy mandatory access control process; and performing the overall permission judgement according to the security constraint file msiconstraint written by the user. (2) The multi-policy fusion monitoring module monitors the updates of each security policy in user space under the MSI memory file system and synchronizes them in time into the policy's sub-directory under /msifs/ of the memory file system MSI, achieving timely and secure policy updates; it monitors the msistatus file of the MSI memory file system and the enable/disable information in the security policy state file status under each policy's in-kernel sub-directory, providing the multi-policy access control module with the range of policies to check; and it monitors the multi-policy fusion global constraint check result file access under /msifs and the permission check state returned by the policy permission check result file access under each in-kernel sub-directory. When the access file of any in-kernel sub-directory reports no permission, it feeds this back to the multi-policy mandatory access control module and ends the check; when the access files of all in-kernel sub-directories return that permission is granted, it monitors the multi-policy fusion constraint check result returned by the /msifs/access file. (3) The multi-policy rule storage module builds the directories and related files of each policy store in user space, realizes the initialization load of the MSI memory file system, and allows the in-kernel security policy pool to be updated immediately from user space outside the kernel, including user-defined revisions or newly added security policies and permission check rules.
The above is only the preferred embodiment of the present invention, and the protection scope of the present invention is not limited to the above embodiment; all technical solutions falling under the idea of the present invention belong to the protection scope of the present invention. It should be pointed out that, for those skilled in the art, improvements and modifications made without departing from the principles of the present invention should also be regarded as within the protection scope of the present invention.

Claims (4)

1. A mandatory access control method based on multi-policy fusion, characterized in that its implementation steps are as follows:
1) Configure a multi-policy fusion memory file system that provides an interaction entry for user space and kernel space, said multi-policy fusion memory file system storing the security policy information of several security policies;
2) When the operating system loads the kernel, initialize and load said multi-policy fusion memory file system and, according to the stored security policy information, set up an in-kernel security policy pool in the operating system kernel;
3) Capture the system call request issued by a process in the operating system and determine whether the execution object of said system call request exists; if it does not exist, exit; if it exists, judge in parallel whether the subject's operation on the object in said system call request meets the requirements of each security policy in the in-kernel security policy pool, generating a judgement for each, and exit directly if any judgement is that the security policy is not met; then generate the overall permission check result for the system call request from the judgements of said security policies, and execute the subject's operation on the object in said system call request only on condition that the check passes.
2. The mandatory access control method based on multi-policy fusion according to claim 1, characterized in that the detailed steps of said step 1) are as follows:
1.1) Create in the operating system the /msifs directory for mounting the multi-policy fusion memory file system, said /msifs directory being readable and writable only by the system security administrator;
1.2) Create under said /msifs directory the multi-policy fusion status file msistatus and the multi-policy fusion global constraint check result file access; said multi-policy fusion status file msistatus records the enable/disable state of the multi-policy fusion memory file system of the current operating system, and said multi-policy fusion global constraint check result file access records the result of the security constraint check performed on all judgements according to the constraint relations among the security policies of the in-kernel security policy pool;
1.3) Create under the operating system's /etc/ directory the security configuration file msiconf, the security constraint file msiconstraint and the out-of-kernel policy rule pool directory msipolicys. Said security configuration file msiconf configures, for the next operating system start, the enable/disable state of the multi-policy fusion memory file system and the enable/disable and storage information of the several security policies; said security constraint file msiconstraint configures the horizontal constraint applied to the judgements once all judgements received are that the security policy is met; under said out-of-kernel policy rule pool directory msipolicys are the sub-directories of the several security policies supported by the out-of-kernel policy rule pool, each security policy sub-directory being named after its security policy and holding the policy-load status information file version and the rule information directory policy of that security policy, under which rule information directory policy the permission check rules of that security policy are stored.
3. The mandatory access control method based on multi-policy fusion according to claim 2, characterized in that the detailed steps of said step 2) are as follows:
2.1) After the operating system has loaded the kernel, read the command parameter information of the operating system boot loader; if the command parameters carry the parameter that enables the multi-policy fusion memory file system, go to step 2.2); otherwise go to step 2.10);
2.2) After the operating system has mounted the root directory /, mount the /msifs directory as the multi-policy fusion memory file system;
2.3) Read said security configuration file msiconf and, according to it, the enable/disable state of the multi-policy fusion memory file system and the enable/disable and storage information of the several security policies for the next operating system start;
2.4) Determine whether the multi-policy fusion memory file system is enabled in said security configuration file msiconf; if it is, go to step 2.5), otherwise go to step 2.10);
2.5) From all security policies recorded in said security configuration file msiconf, take one that has not yet been processed as the current security policy;
2.6) First read the enable/disable information of the current security policy from the command parameter information of said operating system boot loader; if it says enabled, further read the enable/disable information of the current security policy from said security configuration file msiconf; if both the command parameter information and said security configuration file msiconf say that the current security policy is enabled, go to step 2.7), otherwise go to step 2.8);
2.7) Under said /msifs directory, create an in-kernel security policy sub-directory named after the current security policy; load the policy-load status information file version of the current security policy from said out-of-kernel policy rule pool directory msipolicys into said in-kernel security policy sub-directory; create the security policy state file status in said in-kernel sub-directory and set it to the enabled state; create in said in-kernel sub-directory the policy permission check result file access for holding the permission check results of the current security policy; and load the permission check rules from the rule information directory policy of the current security policy under the out-of-kernel policy rule pool directory msipolicys into said in-kernel sub-directory, thereby completing the initialization of the current security policy in the in-kernel security policy pool;
2.8) Under said /msifs directory, create an in-kernel security policy sub-directory named after the current security policy, create the security policy state file status in said in-kernel sub-directory and set it to the disabled state;
2.9) Determine whether the current security policy is the last security policy recorded in the security configuration file msiconf; if not, take another not-yet-processed security policy as the current security policy and go to step 2.6); otherwise judge the initialization of the in-kernel security policy pool complete, store the names of the security policies in the in-kernel pool in linked-list form as the kernel security linked list, and then monitor in real time by comparing, for each security policy, the policy-load status information file version in the out-of-kernel policy rule pool with the file version in the policy's in-kernel sub-directory; if the two differ for any security policy, judge that said security policy has been updated in the out-of-kernel policy rule pool and load its permission check rules from the rule information directory policy under the out-of-kernel policy rule pool directory msipolicys into the in-kernel sub-directory corresponding to said security policy, thereby completing the synchronous update of said security policy in the in-kernel security policy pool; go to step 2.10);
2.10) Load the other partitions of the operating system according to the contents of the /etc/fstab file; determine whether the command parameter information of the operating system boot loader carries the option requesting that files be given security labels; if so, select one security policy from the in-kernel security policy pool as the current security policy and go to step 2.11); otherwise exit;
2.11) Label all system files defined by the current security policy with their security identifiers under the current security policy, and write the label into the extended attribute part of said files;
2.12) Determine whether the current security policy is the last security policy in the in-kernel security policy pool; if not, select a security policy from the in-kernel pool that has not yet been visited as the current security policy and go to step 2.11); otherwise all files in the operating system carry multi-policy security labels, and the initialization of the multi-policy fusion memory file system MSI is complete.
4. the forced access control method merging based on many strategies according to claim 3, is characterized in that, the detailed step of described step 3) is as follows:
3.1) the system call request that in capturing operation system, process is sent;
3.2) whether the execution object that judges described system call request exists, and does not exist if carry out object, reports an error and exits; Carry out else if object and exist, redirect execution step 3.3);
3.3) Read the multi-policy fusion memory file system. First query the status file msistatus, in which the enable/disable state of the multi-policy fusion memory file system is set, to see whether the state is 'enabled'. If the state is 'enabled', jump to step 3.4); if it is 'disabled', jump to step 3.6);
3.4) Read each security policy of the kernel security linked list in the in-kernel security policy pool and, in parallel, take each policy in turn as the current policy: read the current policy's sub-directory of the in-kernel pool under the /msifs directory and check the enable/disable state in the policy status file status under that sub-directory. If the state is 'enabled', obtain the security identifiers assigned to the subject and object of the system call request under the current policy, and make the permission decision by applying the current policy's permission check rules to those identifiers. If the current policy's permission check rules grant the operation to the subject's and object's identifiers, write the result 'conforms to the security policy' into the policy permission check result file access under the current policy's sub-directory; if the rules do not grant the operation, write the result 'does not conform to the security policy' into that access file, conclude that the constraint check for the system call request fails, abandon execution of the system call and report insufficient privilege. If the state is 'disabled', processing of the current policy ends directly. Once all security policies have been processed, jump to the next step;
3.5) Read each security policy of the kernel security linked list in the in-kernel pool and obtain the enable/disable state from the policy status file status under the policy's sub-directory. Apply the lateral constraint conditions recorded in the security constraint file msiconstraint to the return values of the policy permission check result files access under the sub-directories of all policies whose state is 'enabled'. If the lateral constraint conditions are not satisfied, conclude that the constraint check for the system call request fails, abandon execution of the system call and report insufficient privilege; otherwise the constraint check passes, and jump to step 3.6);
3.6) Perform the operation of the subject on the object requested by the system call.
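The decision pipeline of steps 3.1) to 3.6), as an added example (code written for this page, not the patent's or any product's implementation). It keeps the structure of the claim: the global msistatus switch, a per-policy enable state, per-policy permission check rules applied to the subject's and object's identifiers under that policy, a per-policy access result, denial as soon as one enabled policy denies, and a lateral constraint evaluated over the recorded results of the enabled policies. The page does not give the syntax of msiconstraint, so the constraint form used here (a minimum number of enabled policies that allowed the request, plus a list of policies that must be enabled) is an assumption, as are the policy names mls and dte, their labels and their rules. The policies are evaluated sequentially where the patent evaluates them in parallel.

```c
#include <stdio.h>
#include <string.h>

/* Added example, not the patent's code; names, labels, rules and the constraint form are assumptions. */
#define MAX_POLICIES 4
#define MAX_RULES    8
#define NAME_LEN     32

enum result { RESULT_NONE = 0, RESULT_ALLOW = 1, RESULT_DENY = 2 };

struct rule { char subject[NAME_LEN], object[NAME_LEN], op[NAME_LEN]; }; /* subject may do op on object */

struct policy {
    char name[NAME_LEN];
    int  enabled, nrules;         /* enabled: the policy's status file under /msifs/<name> */
    struct rule rules[MAX_RULES]; /* the policy's permission check rules */
    enum result access;           /* the policy's access result file, written in step 3.4) */
};

struct request {                  /* a captured system call; one label per policy slot */
    char op[NAME_LEN], subject_labels[MAX_POLICIES][NAME_LEN], object_labels[MAX_POLICIES][NAME_LEN];
    int  object_exists;
};

/* lateral constraint, assumed form (msiconstraint's syntax is not given on the page):
 * at least min_allowing enabled policies must have allowed, and every policy in required[] must be enabled */
struct constraint { int min_allowing, nrequired; char required[MAX_POLICIES][NAME_LEN]; };

/* step 3.4) for one policy: default deny unless a rule grants the operation */
static enum result policy_check(const struct policy *p, int idx, const struct request *r)
{
    for (int i = 0; i < p->nrules; i++)
        if (strcmp(p->rules[i].subject, r->subject_labels[idx]) == 0 &&
            strcmp(p->rules[i].object, r->object_labels[idx]) == 0 &&
            strcmp(p->rules[i].op, r->op) == 0)
            return RESULT_ALLOW;
    return RESULT_DENY;
}

/* step 3.5): lateral constraint over the recorded results of the enabled policies */
static int lateral_ok(const struct policy *p, int n, const struct constraint *c)
{
    int allowing = 0;
    for (int i = 0; i < n; i++)
        allowing += (p[i].enabled && p[i].access == RESULT_ALLOW);
    if (allowing < c->min_allowing) return 0;
    for (int k = 0; k < c->nrequired; k++) {
        int found = 0;
        for (int i = 0; i < n; i++)
            found |= (p[i].enabled && strcmp(p[i].name, c->required[k]) == 0);
        if (!found) return 0;
    }
    return 1;
}

/* steps 3.1) to 3.6): 1 = operation proceeds, 0 = insufficient privilege, -1 = object missing.
 * msi_enabled models msistatus. Policies are checked sequentially here, in parallel in the patent. */
int msi_decide(int msi_enabled, struct policy *p, int n, const struct constraint *c, const struct request *r)
{
    if (!r->object_exists) return -1;                 /* 3.2) */
    if (!msi_enabled) return 1;                       /* 3.3): MSI disabled, go straight to 3.6) */
    for (int i = 0; i < n; i++) {                     /* 3.4) */
        p[i].access = p[i].enabled ? policy_check(&p[i], i, r) : RESULT_NONE;
        if (p[i].access == RESULT_DENY) return 0;     /* one enabled policy denies: stop here */
    }
    return lateral_ok(p, n, c) ? 1 : 0;               /* 3.5), then 3.6) */
}

/* constructed sample: an MLS-style and a DTE-style policy; the constraint says mls must stay enabled */
int msi_setup_sample(struct policy *p, struct constraint *c)
{
    static const struct policy sample[2] = {
        { "mls", 1, 2, { { "secret", "secret", "read" }, { "public", "public", "read" } }, RESULT_NONE },
        { "dte", 1, 2, { { "user_t", "file_t", "read" }, { "user_t", "exec_t", "execute" } }, RESULT_NONE },
    };
    static const struct constraint sample_c = { 1, 1, { "mls" } };
    memcpy(p, sample, sizeof sample);
    *c = sample_c;
    return 2;
}

int main(void)
{
    struct policy p[MAX_POLICIES]; struct constraint c;
    int n = msi_setup_sample(p, &c);
    struct request ok  = { "read", { "secret", "user_t" }, { "secret", "file_t" }, 1 };
    struct request bad = { "read", { "public", "user_t" }, { "secret", "file_t" }, 1 };
    printf("secret subject reads secret object: %d\n", msi_decide(1, p, n, &c, &ok));  /* 1 */
    printf("public subject reads secret object: %d\n", msi_decide(1, p, n, &c, &bad)); /* 0: mls denies */
    p[0].enabled = 0;
    printf("same request, mls disabled:         %d\n", msi_decide(1, p, n, &c, &bad)); /* 0: lateral constraint */
    printf("same request, MSI disabled:         %d\n", msi_decide(0, p, n, &c, &bad)); /* 1: nothing checked */
    return 0;
}
```

The third request in main is the case the lateral constraint exists for: with mls disabled, dte alone would let a public subject read a secret object, and only the constraint that mls must be enabled turns that into a denial. Because step 3.4) exits on the first denial, the results step 3.5) sees are all 'allow'; what the constraint can still catch is which policies were switched off, and whether enough of them actually took part in the decision.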
Application CN201410340911.9A, filed 2014-07-17 (priority date 2014-07-17), "Multi-strategy integration based mandatory access control method"; status Active, granted as CN104112089B.

Publications (2)

Publication Number Publication Date
CN104112089A 2014-10-22
CN104112089B 2017-02-01

Family ID: 51708875; one family application, CN201410340911.9A (country: CN)

Cited By (27)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104484617A (en) * 2014-12-05 2015-04-01 中国航空工业集团公司第六三一研究所 Database access control method based on multi-policy integration
CN104484617B (en) * 2014-12-05 2017-09-26 中国航空工业集团公司第六三一研究所 Database access control method based on multi-policy fusion
CN104394176A (en) * 2014-12-17 2015-03-04 中国人民解放军国防科学技术大学 Webshell prevention method based on mandatory access control mechanism
CN107203715B (en) * 2016-03-18 2021-03-19 斑马智行网络(香港)有限公司 Method and device for executing system call
US11093647B2 (en) 2016-03-18 2021-08-17 Banma Zhixing Network (Hongkong) Co., Limited Method and device for executing system scheduling
WO2017157202A1 (en) * 2016-03-18 2017-09-21 阿里巴巴集团控股有限公司 Method and device for executing system scheduling
CN107203715A (en) * 2016-03-18 2017-09-26 阿里巴巴集团控股有限公司 Method and device for executing a system call
CN107273754A (en) * 2016-04-08 2017-10-20 中兴通讯股份有限公司 Data access control method and device
CN108090361B (en) * 2016-11-22 2020-06-30 腾讯科技(深圳)有限公司 Security policy updating method and device
CN108090361A (en) * 2016-11-22 2018-05-29 腾讯科技(深圳)有限公司 Security policy updating method and device
CN106790032A (en) * 2016-12-15 2017-05-31 华南师范大学 RBAC-based policy fusion and sensitivity calculation method and system
CN106790032B (en) * 2016-12-15 2020-04-21 华南师范大学 RBAC-based policy fusion and sensitivity calculation method and system
CN107277023A (en) * 2017-06-28 2017-10-20 中国科学院信息工程研究所 Web-based mobile thin-terminal access control method, system and thin terminal
US11222118B2 (en) 2017-10-30 2022-01-11 Huawei Technologies Co., Ltd. Method for updating SELinux security policy and terminal
CN109964227A (en) * 2017-10-30 2019-07-02 华为技术有限公司 Method and terminal for updating SELinux security policy
CN109964227B (en) * 2017-10-30 2021-08-13 华为技术有限公司 Method and terminal for updating SELinux security policy
TWI796414B (en) * 2018-01-26 2023-03-21 英商Arm股份有限公司 Apparatus, method, computer program, and storage medium for region fusing
CN111669349A (en) * 2019-03-05 2020-09-15 中国环境监测总站 Data access security control method and device based on control drive management
CN111669349B (en) * 2019-03-05 2022-08-05 中国环境监测总站 Data access security control method and device based on control drive management
CN109992983A (en) * 2019-04-15 2019-07-09 苏州浪潮智能科技有限公司 Mandatory access control method, apparatus, device and readable storage medium
CN110348234A (en) * 2019-07-01 2019-10-18 电子科技大学 Mandatory access security policy implementation and management method in a MILS architecture
CN112685729A (en) * 2020-12-25 2021-04-20 中国科学院信息工程研究所 Special mandatory access control method, system, electronic equipment and storage medium
CN113704795A (en) * 2021-09-02 2021-11-26 杭州戎戍网络安全技术有限公司 Multi-domain access control formalized modeling method based on label attributes
CN113704795B (en) * 2021-09-02 2024-02-06 杭州戎戍网络安全技术有限公司 Multi-domain access control formalized modeling method based on label attributes
WO2023098579A1 (en) * 2021-11-30 2023-06-08 华为技术有限公司 Access control method and related device
CN114780168A (en) * 2022-03-30 2022-07-22 全球能源互联网研究院有限公司南京分公司 Method and device for dynamically changing security policy of intelligent terminal container and electronic equipment
CN114780168B (en) * 2022-03-30 2023-04-28 全球能源互联网研究院有限公司南京分公司 Method and device for dynamically changing security policy of intelligent terminal container and electronic equipment

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101727555A (en) * 2009-12-04 2010-06-09 苏州昂信科技有限公司 Access control method for operation system and implementation platform thereof
CN101901313A (en) * 2010-06-10 2010-12-01 中科方德软件有限公司 Linux file protection system and method
EP2432186A1 (en) * 2009-05-26 2012-03-21 ZTE Corporation File uploading realization method and system for web application

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Chen Hanzhang et al.: "Access control framework and its application in Linux" (访问控制框架及其在Linux中的应用研究), Application Research of Computers (计算机应用研究) *

Legal Events

Code Title
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant