CN104112089B - Multi-strategy integration based mandatory access control method - Google Patents

Multi-strategy integration based mandatory access control method

Info

Publication number
CN104112089B
Authority
CN
China
Prior art keywords
strategy
security
security strategy
core
file
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201410340911.9A
Other languages
Chinese (zh)
Other versions
CN104112089A (en
Inventor
廖湘科
魏立峰
陈松政
罗军
黄辰林
丁滟
董攀
付松龄
杨诏钧
孙利杰
罗求
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
National University of Defense Technology
Original Assignee
National University of Defense Technology
Application filed by National University of Defense Technology
Priority to CN201410340911.9A
Publication of CN104112089A
Application granted
Publication of CN104112089B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45 Structures or tools for the administration of authentication
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2113 Multi-level security, e.g. mandatory access control

Abstract

The invention discloses a mandatory access control method based on multi-strategy integration. The method is implemented in the following steps: constructing a multi-strategy integration memory file system; initializing and loading the multi-strategy integration memory file system when the operating system loads the kernel, and establishing an in-kernel security strategy pool in the operating system kernel according to the stored security strategy information; intercepting a system call request issued by a process and judging whether the object on which it is to be executed exists; if the object exists, judging in parallel whether the operation of the subject on the object in the system call request meets the requirements of each security strategy, and generating a judgment result for each; generating the authorization check result for the system call request comprehensively from the judgment results, and executing the operation of the subject on the object in the system call request only if the check passes. The method can integrate multiple security strategies to perform comprehensive and efficient mandatory access control, and has the advantages of flexible configuration, simple integration, extensibility, high security, ease of use and high efficiency.

Description

Mandatory access control method based on multi-strategy integration
Technical field
The present invention relates to the field of information security technology, and in particular to a mandatory access control method based on multi-strategy integration.
Background art
At present, with the continuing expansion and large-scale application of networking, intrusions by viruses, Trojans and worms are increasingly rampant, and information security faces severe challenges. In addition, because of the diversity and complexity of networked tools, an information system cannot meet the security requirements for protecting its applications with a single security strategy. As information security technology has developed, mandatory access control has become increasingly favored in this field; it can effectively protect an information system at different levels against intrusion by viruses, Trojans and the like, and thereby protect its applications. Information security based on mandatory access control has produced many security models and security strategies. Security models include, for example, the confidentiality protection model based on BLP (Bell & LaPadula), the integrity protection model based on Biba, the multi-domain control model based on DTE (domain and type enforcement), and the capability management model based on RBAC (role-based access control). Representative security strategies include SELinux, which is already integrated into the Linux kernel. Although information systems already have this many security models, and the SELinux strategy integrates several security models to implement high-security mandatory access control, existing mandatory access control still has the following deficiencies with respect to the complex security requirements of today's many application modes:
1. The confidentiality protection model based on BLP, the integrity protection model based on Biba, the multi-domain control model based on DTE, the capability management model based on RBAC and other security models have different protection goals and must work together to provide better protection. Representative security strategies such as SELinux, already integrated into the Linux kernel, implement these security models jointly in a tightly coupled manner. This achieves simultaneous protection by several security mechanisms reasonably well, but it makes strategy extension and cooperation difficult and does not allow strategy configuration of an individual security mechanism, so security configuration is hard to carry out, flexibility is insufficient and extensibility is poor.
2. Confidentiality protection and integrity protection are important components of information security. However, because confidentiality protection forbids reading up and writing down while integrity protection forbids writing up, it is hard in existing implementations for a confidentiality protection strategy and an integrity protection strategy to coexist. For example, the mandatory access control integrated in existing Linux has only a multilevel security strategy and no integrity protection strategy, so it cannot meet the need for simultaneous confidentiality and integrity protection.
3. Current information systems evaluate mandatory access control checks serially; when several sets of mandatory access control strategies must be checked, this often causes a considerable loss of access control efficiency.
Summary of the invention
The technical problem to be solved by the present invention is: in view of the above technical problems of the prior art, to provide a mandatory access control method based on multi-strategy integration that can integrate multiple security strategies to perform comprehensive and efficient mandatory access control, and that is flexible to configure, simple to integrate, extensible, highly secure, easy to use and efficient.
To solve the above technical problem, the technical solution provided by the present invention is:
A mandatory access control method based on multi-strategy integration, implemented in the following steps:
1) Construct a multi-strategy integration memory file system that provides an interaction entry point for user space and kernel space; the multi-strategy integration memory file system stores the security strategy information of multiple security strategies;
2) When the operating system loads the kernel, initialize and load the multi-strategy integration memory file system, and establish an in-kernel security strategy pool in the operating system kernel according to the stored security strategy information;
3) Intercept the system call request issued by a process in the operating system and judge whether the object on which the system call request is to be executed exists; if it does not exist, exit. Otherwise, judge in parallel whether the operation of the subject on the object in the system call request meets the requirements of each security strategy in the in-kernel security strategy pool, generating a judgment result for each; if any judgment result is that a security strategy is not met, exit directly. Generate the permission check result for the system call request comprehensively from the judgment results of the security strategies, and execute the operation of the subject on the object in the system call request only if the check passes.
Preferably, the detailed steps of step 1) are as follows:
1.1) Create in the operating system a /msifs directory on which the multi-strategy integration memory file system is mounted; only the system security officer has read and write access to the /msifs directory;
1.2) Under the /msifs directory, create the multi-strategy integration status file msistatus and the multi-strategy integration global constraint check result file access. The file msistatus records the enable/disable state of the multi-strategy integration memory file system in the current operating system; the file access records the result of the security constraint check performed on all judgment results according to the constraint relationships among the security strategies in the in-kernel security strategy pool;
1.3) Under the /etc/ directory of the operating system, create the security configuration file msiconf, the security constraint file msiconstraint and the out-of-kernel strategy rule pool directory msipolicys. The security configuration file msiconf configures the enable/disable state of the multi-strategy integration memory file system at the next operating system startup, together with the enable/disable and storage information of the multiple security strategies. The security constraint file msiconstraint configures the lateral constraints applied to the judgment results after all judgment results have been received as meeting the security strategies. The directory msipolicys holds one subdirectory for each security strategy supported by the out-of-kernel strategy rule pool; each security strategy subdirectory is named after its security strategy and holds the strategy-installation status information file version and the rule information directory policy of that security strategy, and the permission check rules of the security strategy are stored under the rule information directory policy.
Preferably, the detailed steps of step 2) are as follows:
2.1) After the operating system loads the kernel, read the command parameter information in the operating system boot program; if the command parameter information carries the parameter that enables the multi-strategy integration memory file system, jump to step 2.2); otherwise jump to step 2.10);
2.2) After the operating system mounts the root directory /, mount the /msifs directory as the multi-strategy integration memory file system;
2.3) Read the security configuration file msiconf, and from it read the enable/disable state of the multi-strategy integration memory file system at the next operating system startup and the enable/disable and storage information of the multiple security strategies;
2.4) Judge whether the multi-strategy integration memory file system is enabled in the security configuration file msiconf; if it is enabled, jump to step 2.5); otherwise jump to step 2.10);
2.5) From all the security strategies recorded in the security configuration file msiconf, take one that has not yet been processed as the current security strategy;
2.6) First read the enable/disable information for the current security strategy in the command parameter information of the operating system boot program; if it is enabled there, further read the enable/disable information for the current security strategy in the security configuration file msiconf. If the current security strategy is enabled both in the command parameter information and in the security configuration file msiconf, jump to step 2.7); otherwise jump to step 2.8);
2.7) Under the /msifs directory, create an in-kernel security strategy subdirectory named after the current security strategy. Load the strategy-installation status information file version of the current security strategy from the out-of-kernel strategy rule pool directory msipolicys into the in-kernel security strategy subdirectory. In the in-kernel security strategy subdirectory, create the security strategy status file status and set it to the enabled state, and create the strategy permission check result information file access, which stores the permission check result of the current security strategy. Load the permission check rules in the rule information directory policy of the current security strategy under msipolicys into the in-kernel security strategy subdirectory, thereby completing the initialization of the current security strategy in the in-kernel security strategy pool;
2.8) Under the /msifs directory, create an in-kernel security strategy subdirectory named after the current security strategy, create the security strategy status file status in it and set it to the disabled state;
2.9) Judge whether the current security strategy is the last security strategy recorded in the security configuration file msiconf. If it is not, take another security strategy that has not yet been processed as the current security strategy and jump to step 2.6). Otherwise the initialization of the in-kernel security strategy pool is judged complete, and the names of the security strategies in the in-kernel security strategy pool are stored in the form of a linked list as the kernel security linked list. Then monitor in real time and compare, for each security strategy, the strategy-installation status information file version in the out-of-kernel strategy rule pool with the file version under the in-kernel security strategy subdirectory. If the two version files of any security strategy differ, that security strategy is judged to have been updated in the out-of-kernel strategy rule pool: load its permission check rules from the rule information directory policy under msipolicys into its in-kernel security strategy subdirectory, thereby completing the synchronized update of that security strategy in the in-kernel security strategy pool. Jump to step 2.10);
2.10) Load the other partitions of the operating system according to the content of the /etc/fstab file, and judge whether the command parameter information in the operating system boot program contains the option requiring security labels to be added to files. If it does, select one security strategy in the in-kernel security strategy pool as the current security strategy and jump to step 2.11); otherwise exit;
2.11) Label all files in the system with the security label that the current security strategy defines for them, and write the label into the extended attributes of each file;
2.12) Judge whether the current security strategy is the last security strategy in the in-kernel security strategy pool. If it is not, select a security strategy in the in-kernel security strategy pool that has not yet been traversed as the current security strategy and jump to step 2.11). Otherwise all files in the operating system carry the labels of the multiple security strategies, and initialization of the multi-strategy integration memory file system (msi) is complete.
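The pool initialization of steps 2.5) to 2.9) can be modelled in user space. The following Python model is an added example, not code from the patent: it reproduces the /etc/msipolicys and /msifs layouts under a temporary root. It assumes that the boot-parameter and msiconf switches are already parsed into dicts (the patent does not give their syntax) and that disabled strategies are skipped during version synchronization.

```python
"""User-space model of steps 2.5)-2.9): pool initialization and version sync."""
import shutil
import tempfile
from pathlib import Path


def load_strategy(src: Path, dst: Path) -> None:
    """Copy `version` and the `policy` rule directory into the in-kernel subdirectory."""
    shutil.copyfile(src / "version", dst / "version")
    if (dst / "policy").exists():
        shutil.rmtree(dst / "policy")
    shutil.copytree(src / "policy", dst / "policy")


def init_pool(root: Path, boot_params: dict, msiconf: dict) -> list:
    """Build <root>/msifs from <root>/etc/msipolicys; return the strategy name list.

    boot_params and msiconf map strategy name -> enabled flag. Both are assumed
    to be parsed already; the patent does not specify their syntax.
    """
    outer = root / "etc" / "msipolicys"
    msifs = root / "msifs"
    msifs.mkdir(parents=True, exist_ok=True)
    (msifs / "msistatus").write_text("enabled\n")    # global files of step 1.2
    (msifs / "access").write_text("")
    names = []
    for name, conf_enabled in msiconf.items():       # step 2.5: next strategy
        inner = msifs / name
        inner.mkdir(exist_ok=True)
        # Step 2.6: enabled only if boot parameters AND msiconf both enable it.
        if boot_params.get(name, False) and conf_enabled:
            load_strategy(outer / name, inner)       # step 2.7
            (inner / "status").write_text("enabled\n")
            (inner / "access").write_text("")
        else:                                        # step 2.8
            (inner / "status").write_text("disabled\n")
        names.append(name)                           # step 2.9: kernel security list
    return names


def sync_pool(root: Path) -> list:
    """One monitoring pass of step 2.9: reload strategies whose `version` differs."""
    outer = root / "etc" / "msipolicys"
    updated = []
    for inner in sorted((root / "msifs").iterdir()):
        if not inner.is_dir():
            continue                                 # msistatus and access files
        if (inner / "status").read_text().strip() != "enabled":
            continue                                 # assumption: skip disabled ones
        src = outer / inner.name
        if (src / "version").read_text() != (inner / "version").read_text():
            load_strategy(src, inner)
            updated.append(inner.name)
    return updated


def build_sample(root: Path) -> None:
    """Constructed out-of-kernel rule pool: three strategies, all at version 1."""
    for name in ("blp", "biba", "dte"):
        rules = root / "etc" / "msipolicys" / name / "policy"
        rules.mkdir(parents=True)
        (rules / "rules").write_text(f"# constructed {name} rules v1\n")
        (rules.parent / "version").write_text("1\n")


if __name__ == "__main__":
    demo_root = Path(tempfile.mkdtemp())
    build_sample(demo_root)
    print(init_pool(demo_root,
                    {"blp": True, "biba": True, "dte": False},
                    {"blp": True, "biba": False, "dte": True}))
    (demo_root / "etc" / "msipolicys" / "blp" / "version").write_text("2\n")
    print("resynced:", sync_pool(demo_root))
```

Only blp ends up enabled in the demo, because it is the only strategy switched on in both places; a later change to its out-of-kernel version file is picked up by the next `sync_pool` pass without a restart.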
Preferably, the detailed steps of step 3) are as follows:
3.1) Intercept the system call request issued by a process in the operating system;
3.2) Judge whether the object on which the system call request is to be executed exists; if it does not exist, report an error and exit; if it exists, jump to step 3.3);
3.3) Read the multi-strategy integration memory file system, first querying whether the enable/disable state of the multi-strategy integration memory file system set in the multi-strategy integration status file msistatus is enabled; if it is enabled, jump to step 3.4); if it is disabled, jump to step 3.6);
3.4) Read each security strategy in the kernel security linked list of the in-kernel security strategy pool, and in parallel treat each one as the current security strategy. Read the in-kernel security strategy subdirectory corresponding to the current security strategy under the /msifs directory and judge the state of the security strategy status file status in it. If the state is enabled, obtain the security labels assigned to the subject and object of the system call request under the current security strategy in the in-kernel security strategy pool, and judge permission for those security labels against the permission check rules of the current security strategy in the in-kernel security strategy pool. If the permission check rules of the current security strategy grant operation permission to the security labels of the subject and object of the system call request, write the judgment result "meets the security strategy" to the strategy permission check result information file access under the in-kernel security strategy subdirectory of the current security strategy. If they do not grant operation permission, write the judgment result "does not meet the security strategy" to that file access, judge that the constraint check for the system call request has not passed, abandon execution of the system call request and report insufficient permission. If the state is disabled, end processing of the current security strategy directly. Finally, after all security strategies have been processed, proceed to the next step;
3.5) Read each security strategy in the kernel security linked list of the in-kernel security strategy pool and obtain the state of the security strategy status file status under its in-kernel security strategy subdirectory. According to the lateral constraint conditions recorded in the security constraint file msiconstraint, perform a lateral constraint judgment on the return values of the strategy permission check result information files access under the in-kernel security strategy subdirectories of all security strategies whose state is enabled. If the lateral constraint conditions are not met, judge that the constraint check for the system call request has not passed, abandon execution of the system call request and report insufficient permission; otherwise judge that the constraint check has passed and jump to step 3.6);
3.6) Execute the operation of the subject on the object in the system call request.
The mandatory access control method based on multi-strategy integration of the present invention has the following advantages:
1. The present invention constructs a multi-strategy integration memory file system that provides an interaction entry point for user space and kernel space and stores the security strategy information of multiple security strategies. The multi-strategy integration memory file system can efficiently integrate security models such as the confidentiality protection model based on BLP, the integrity protection model based on Biba, the multi-domain control model based on DTE and the capability management model based on RBAC. It solves the problem of managing and enabling or disabling the strategies individually, supports the integration of multiple security strategies, effectively overcomes the inability of a single security strategy to provide complete protection, and can achieve all-round security control.
2. The present invention judges in parallel whether the operation of the subject on the object in the system call request meets the requirements of each security strategy in the in-kernel security strategy pool, and outputs a judgment result for each. The judgment results are received one after another in serial fashion; if any received judgment result is that a security strategy is not met, execution of the system call request is abandoned and insufficient permission is reported. If all received judgment results meet the security strategies, a security constraint check is performed on all judgment results according to the constraint relationships among the security strategies in the in-kernel security strategy pool. If the security constraint check passes, the operation of the subject on the object in the system call request is executed; if it does not pass, execution of the system call request is abandoned and a failed security constraint check is reported. Multi-strategy permission judgment is therefore efficient: compared with serial judgment of multiple strategies, the parallel strategy check exits directly as soon as any judgment result fails to meet a security strategy, so execution is abandoned as early as possible once any one strategy denies permission. A multilevel security strategy covering both confidentiality and integrity can be accommodated, and the efficiency of multi-strategy permission checks is improved. The method can integrate multiple security strategies to perform comprehensive and efficient mandatory access control, and has the advantages of flexible configuration, simple integration, extensibility, high security, ease of use and high efficiency.
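The step 3) authorization flow, with a BLP strategy and a Biba strategy evaluated side by side, as a user-space Python model (an added example, not code from the patent). The label values, the object set and the form of the msiconstraint rule (an operation mapped to the strategies whose verdict is required) are assumptions, since the patent does not specify the constraint syntax; the model collects every verdict before deciding so that its result is deterministic.

```python
"""User-space model of the step 3) authorization flow."""
from concurrent.futures import ThreadPoolExecutor

# Constructed labels: every strategy labels subjects and objects independently,
# which is what lets confidentiality and integrity rules coexist.
LABELS = {
    "blp":  {"analyst": 1, "/data/secret": 2, "/data/notes": 1, "/data/public": 0},
    "biba": {"analyst": 1, "/data/secret": 1, "/data/notes": 1, "/data/public": 0},
}
OBJECTS = {"/data/secret", "/data/notes", "/data/public"}


def blp_check(subj, obj, op):
    """Confidentiality: no read up, no write down."""
    s, o = LABELS["blp"][subj], LABELS["blp"][obj]
    return s >= o if op == "read" else s <= o


def biba_check(subj, obj, op):
    """Integrity: no read down, no write up."""
    s, o = LABELS["biba"][subj], LABELS["biba"][obj]
    return s <= o if op == "read" else s >= o


class MsiModel:
    def __init__(self, checks, constraints, msistatus="enabled"):
        self.msistatus = msistatus                   # /msifs/msistatus
        self.pool = {name: {"status": "enabled", "check": fn, "access": None}
                     for name, fn in checks.items()}
        # Assumed msiconstraint form: operation -> strategies whose verdict is required.
        self.constraints = constraints
        self.access = None                           # /msifs/access

    def authorize(self, subj, obj, op):
        if obj not in OBJECTS:                       # step 3.2
            return (False, "no such object")
        if self.msistatus != "enabled":              # step 3.3 jumps to 3.6
            return (True, "msi disabled")
        for entry in self.pool.values():
            entry["access"] = None
        enabled = [n for n, e in self.pool.items() if e["status"] == "enabled"]
        # Step 3.4: one worker per enabled strategy; disabled ones are skipped.
        with ThreadPoolExecutor(max_workers=max(1, len(enabled))) as ex:
            results = list(ex.map(
                lambda n: self.pool[n]["check"](subj, obj, op), enabled))
        verdicts = dict(zip(enabled, results))
        for name, ok in verdicts.items():
            self.pool[name]["access"] = ok           # per-strategy access file
        denied = sorted(n for n, ok in verdicts.items() if not ok)
        if denied:
            return (False, "insufficient privilege: " + ",".join(denied))
        # Step 3.5: lateral constraint over the verdicts of enabled strategies.
        missing = sorted(self.constraints.get(op, set()) - set(verdicts))
        self.access = not missing
        if missing:
            return (False, "constraint check failed: " + ",".join(missing))
        return (True, "ok")                          # step 3.6: operation proceeds


if __name__ == "__main__":
    msi = MsiModel({"blp": blp_check, "biba": biba_check},
                   {"write": {"blp", "biba"}})
    for target, op in [("/data/notes", "read"), ("/data/secret", "read"),
                       ("/data/public", "read"), ("/data/secret", "write")]:
        print(op, target, msi.authorize("analyst", target, op))
    msi.pool["biba"]["status"] = "disabled"
    print("write /data/secret", msi.authorize("analyst", "/data/secret", "write"))
```

The final call shows why the lateral constraint exists: with biba disabled, blp alone would allow the write, but the assumed constraint requires both verdicts for write operations, so the request is refused.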
Brief description of the drawings
Fig. 1 is a schematic flow diagram of the method of the embodiment of the present invention.
Fig. 2 is a schematic diagram of the implementation flow of step 2) in the embodiment of the present invention.
Fig. 3 is a schematic structural diagram of the kernel security linked list in the in-kernel security strategy pool in the embodiment of the present invention.
Fig. 4 is a schematic structural diagram of each permission check process in the in-kernel security strategy pool in the embodiment of the present invention.
Fig. 5 is a schematic diagram of the system structure of the msi memory file system in the embodiment of the present invention.
Fig. 6 is a schematic diagram of the implementation flow of step 3) in the embodiment of the present invention.
Fig. 7 is a schematic diagram of the working principle of the msi memory file system in the embodiment of the present invention.
Fig. 8 is a schematic diagram of the circuit principle of the msi memory file system in the embodiment of the present invention.
Specific embodiment
As shown in Fig. 1, the mandatory access control method based on multi-strategy integration of this embodiment is implemented in the following steps:
1) Construct a multi-strategy integration (hereinafter abbreviated msi) memory file system that provides an interaction entry point for user space and kernel space; the msi memory file system stores the security strategy information of multiple security strategies;
2) When the operating system loads the kernel, initialize and load the msi memory file system, and establish an in-kernel security strategy pool in the operating system kernel according to the stored security strategy information;
3) Intercept the system call request issued by a process in the operating system and judge whether the object on which the system call request is to be executed exists; if it does not exist, exit. Otherwise, judge in parallel whether the operation of the subject on the object in the system call request meets the requirements of each security strategy in the in-kernel security strategy pool, generating a judgment result for each; if any judgment result is that a security strategy is not met, exit directly. Generate the permission check result for the system call request comprehensively from the judgment results of the security strategies, and execute the operation of the subject on the object in the system call request only if the check passes.
In this embodiment, the detailed steps of step 1) are as follows:
1.1) Create in the operating system a /msifs directory on which the msi memory file system is mounted; only the system security officer has read and write access to the /msifs directory;
1.2) Under the /msifs directory, create the multi-strategy integration status file msistatus and the multi-strategy integration global constraint check result file access. The file msistatus records the enable/disable state of the msi memory file system in the current operating system; the file access records the result of the security constraint check performed on all judgment results according to the constraint relationships among the security strategies in the in-kernel security strategy pool;
1.3) Under the /etc/ directory of the operating system, create the security configuration file msiconf, the security constraint file msiconstraint and the out-of-kernel strategy rule pool directory msipolicys. The security configuration file msiconf configures the enable/disable state of the msi memory file system at the next operating system startup, together with the enable/disable and storage information of the multiple security strategies. The security constraint file msiconstraint configures the lateral constraints applied to the judgment results after all judgment results have been received as meeting the security strategies. The directory msipolicys holds one subdirectory for each security strategy supported by the out-of-kernel strategy rule pool; each security strategy subdirectory is named after its security strategy and holds the strategy-installation status information file version and the rule information directory policy of that security strategy, and the permission check rules of the security strategy are stored under the rule information directory policy. In this embodiment, because the directory msipolicys holds one subdirectory per supported security strategy, each named after its security strategy and holding that strategy's file version and its rule information directory policy with the permission check rules, the out-of-kernel strategy rule pool is compatible with multiple security strategies, and the security strategies form mutually orthogonal controls that do not interfere with one another. Moreover, the out-of-kernel strategy rule pool is dynamically reconfigurable: the system security officer can revise the enable/disable settings and the strategy rules of the security strategies at any time, and the changes take effect immediately without restarting the system to load the strategies. In addition, the out-of-kernel strategy rule pool is flexibly customizable: according to different application security requirements, a single security strategy, multiple security strategies, or just the security strategies that are needed can be enabled.
As shown in Fig. 2 step 2) detailed step as follows:
2.1) the command parameter information after operating system loads kernel kernel, in read operation startup procedure (being specially the cmdline information of grub in the present embodiment), if carry in command parameter information enable msi memory file system Parameter, then redirect execution step 2.2);Otherwise redirect execution step 2.10);
2.2) operating system carry root/after, general/msifs catalogue carry is as msi memory file system;
2.3) read secure configuration file msiconf, opened next time according to secure configuration file msiconf read operation system Start and stop of msi memory file system start and stop state and multiple security strategy and deposit information when dynamic;
2.4) judge whether enable msi memory file system in secure configuration file msiconf, if enabling, redirecting and holding Row step 2.5), otherwise redirect execution step 2.10);
2.5) to all security strategies deposited in secure configuration file msiconf, obtain one of them still untreated Security strategy is as current safety strategystrategy_namei
2.6) the command parameter information current safety strategy first in read operation startup procedurestrategy_ nameiStart and stop information, if command parameter information current safety strategystrategy_nameiStart and stop information be enable, then Read current safety strategy in secure configuration file msiconf furtherstrategy_nameiStart and stop information, if order Parameter information current safety strategystrateg_nameiStart and stop information, current safety strategy in secure configuration file msiconfstrateg_nameiStart and stop both information be and enable, redirect execution step 2.7), otherwise redirect execution step 2.8);
2.7) Under the /msifs directory, create a corresponding in-kernel security policy subdirectory named after the current security policy strategy_name_i. Load the policy installation state information file version of strategy_name_i from the out-of-kernel policy rule pool directory msipolicys into the in-kernel security policy subdirectory. In the in-kernel security policy subdirectory, create the security policy state file status and set it to the enabled state, and create the policy permission check result information file access, which holds the permission check result of strategy_name_i. Load the permission check rules in the rule information directory policy of strategy_name_i under msipolicys into the in-kernel security policy subdirectory, thereby completing the initialization of strategy_name_i in the in-kernel security policy pool;
2.8) Under the /msifs directory, create a corresponding in-kernel security policy subdirectory named after the current security policy strategy_name_i, create the security policy state file status in that subdirectory, and set it to the disabled state;
2.9) Determine whether the current security policy strategy_name_i is the last security policy stored in the security configuration file msiconf. If it is not, take another not-yet-processed security policy as the current security policy strategy_name_i and jump to step 2.6). Otherwise, determine that initialization of the in-kernel security policy pool is complete, and store the security policy names in the in-kernel security policy pool in linked-list form as the kernel security linked list. Then monitor in real time and compare, for each security policy, the policy installation state information file version in the out-of-kernel policy rule pool with the file version in the in-kernel security policy subdirectory. If the two version files of any security policy differ, determine that the security policy has been updated in the out-of-kernel policy rule pool, and load the permission check rules in the rule information directory policy of that security policy under the out-of-kernel policy rule pool directory msipolicys into the corresponding in-kernel security policy subdirectory, thereby completing the synchronized update of that security policy in the in-kernel security policy pool; then jump to step 2.10);
2.10) Load the other partitions of the operating system according to the content of the /etc/fstab file, and determine whether the command parameter information in the operating system boot program contains the option requiring security labels to be attached to files. If it does, select a security policy from the in-kernel security policy pool as the current security policy strategy_name_i and jump to step 2.11); otherwise exit;
2.11) As defined by the current security policy strategy_name_i, label all files in the system with their security labels under strategy_name_i, and write the labels into the extended attributes of the files;
2.12) Determine whether the current security policy strategy_name_i is the last security policy in the in-kernel security policy pool. If it is not, select a not-yet-traversed security policy from the in-kernel security policy pool as the current security policy strategy_name_i and jump to step 2.11). Otherwise, all files in the operating system now carry their multi-policy security labels, and initialization of the msi in-memory file system is complete.
In this embodiment, an in-kernel security policy subdirectory named after the current security policy is created under the /msifs directory; the policy installation state information file version of the current security policy is loaded from the out-of-kernel policy rule pool directory msipolicys into that subdirectory; the security policy state file status is created in the subdirectory and set to the enabled state; the policy permission check result information file access, which holds the permission check result of the current security policy, is created in the subdirectory; and the permission check rules in the rule information directory policy of the current security policy under msipolicys are loaded into the subdirectory, completing the initialization of the current security policy in the in-kernel security policy pool. This ensures that the in-kernel security policy pool is compatible with multiple security policies, so that the security policies form orthogonal controls and do not interfere with one another. Moreover, the in-kernel security policy pool is dynamically configurable: the system security officer can revise the enable/disable settings and policy rules of the multiple security policies at any time, and the changes take effect immediately without restarting the system to load the policies. In addition, the in-kernel security policy pool is flexibly customizable: according to different application security requirements, a single security policy, multiple security policies, or whichever security policies are needed can be customized and enabled.
In this embodiment, when the msi in-memory file system is initialized, the security attributes of the enabled policies are written, as each policy in the label pool requires, into the security domain of the file's extended attributes, which labels the objects. The subject labels of all processes under each security policy are initialized by obtaining the security label values of init_contexts under each policy subdirectory in the msi in-memory file system.
As shown in Fig. 3 and Fig. 4, in the in-kernel security policy pool the kernel security linked list includes a security domain data field; the security policies are joined end to end within one security domain to form the file's index node, and each node contains the attribute label of its corresponding security policy (strategy_name1:value1_a1, strategy_name2:value1_a2, ..., strategy_namen:value1_an). Each permission-checked process in the in-kernel security policy pool likewise includes a security domain data field; the security policies are joined end to end within one security domain to form the process's label feature information, and each item of label feature information is the attribute label of the corresponding security policy (strategy_name1:value1_a1, strategy_name2:value1_a2, ..., strategy_namen:value1_an). Each policy label in the security domain is stored in dictionary format, with policy names in one-to-one correspondence with security label values, so the labels are hard to confuse, and the orthogonal storage gives good compatibility. Moreover, security policy labels are written into the security domain according to whether the policy is currently enabled, which reduces the security labels of policies that are not enabled. For the security labels of a policy that the security officer enables after msi initialization, the policy can be relabeled with the security policy tool, which writes the labels into the extended attributes of the files. In addition, where the security policy labels have not been written into the objects' extended attributes by relabeling, the multi-policy fusion monitoring module can obtain the newly enabled policy and notify the multi-policy access control module to obtain the subject and object labels of the current policy from the security label pool, so that the corresponding multi-policy labels are automatically extended and completed during subject/object permission checks and attribute lookups.
As shown in Fig. 5, this embodiment mainly involves two directories under the operating system root /: the /etc/ directory and the /msifs directory. The /etc/ directory holds the security configuration file msiconf, the security constraint file msiconstraint, and the out-of-kernel policy rule pool directory msipolicys. The msipolicys directory contains the multiple security policy subdirectories supported by the out-of-kernel policy rule pool (where strategy_name_i denotes the i-th security policy; Fig. 2 lists as examples the four security policies represented by the four subdirectories te, mls, mic and rabc). The te security policy is a security policy implemented on a security-domain control model, the mls security policy is implemented on a confidentiality protection model, the mic security policy is implemented on an integrity protection model, and the rbac security policy is implemented on a role-based permission control model. Each subdirectory is named after its security policy, and each policy directory holds the policy installation state information file version and the policy's rule information directory policy; the policy subdirectory of each policy holds that policy's rules, which the multi-policy access control module uses for permission rule checks. In addition, the /msifs directory is a directory created by this embodiment on which the msi in-memory file system is mounted at system initialization; it lets the system security officer use security command tools to carry out policy interaction between user space and kernel space. The /msifs directory holds the multi-policy fusion state file msistatus and the multi-policy fusion global constraint check result file access; once the msi in-memory file system has been loaded, /msifs also contains the subdirectory corresponding to each security policy strategy_name_i. Fig. 2 lists the four security policies te, mls, mic and rabc, which correspond to the four in-kernel security policy subdirectories te, mls, mic and rabc. In this embodiment, each in-kernel security policy subdirectory contains at least the policy installation state information file version, the security policy state file status, and the policy permission check result information file access. The file version stores the state value of each policy at its current load. The file status stores the policy's enable/disable state; it lets the system security officer enable or disable the policy with the security tools as needed, without restarting the system or reinitializing the msi in-memory file system. The file access temporarily stores the permission check result for this policy from the multi-policy access control module. Each in-kernel security policy subdirectory also contains the permission check rules from the policy's rule information directory policy under the out-of-kernel policy rule pool directory msipolicys, that is, the files mapped from the specific policy information under each policy subdirectory in the /etc/msipolicys directory. For example, for the mls policy fused by msi, an /initial_contexts subdirectory is created under the /msifs/mls/ directory, and the files in that directory are the mls security policy labels loaded at initialization.
As shown in Fig. 6, the detailed steps of step 3) are as follows:
3.1) Capture the system call request issued by a process in the operating system;
3.2) Determine whether the object on which the system call request is to execute exists. If it does not exist, report an error and exit; if it exists, jump to step 3.3);
3.3) Read the msi in-memory file system. First query the multi-policy fusion state file msistatus to see whether the enable/disable state set for the msi in-memory file system is "enabled". If it is enabled, jump to step 3.4); if it is disabled, jump to step 3.6);
3.4) Read each security policy in the kernel security linked list of the in-kernel security policy pool, and take each security policy as the current security policy in parallel. Read the in-kernel security policy subdirectory corresponding to the current security policy under the /msifs directory, and check the enable/disable state in the security policy state file status in that subdirectory. If the state is enabled, obtain the security labels that the subject and object of the system call request have been given under the current security policy in the in-kernel security policy pool, and judge the permission of those labels against the permission check rules of the current security policy in the in-kernel security policy pool. If the permission check rules of the current security policy give the security labels of the subject and object of the system call request the operation permission, write the judgment result "satisfies the security policy" into the policy permission check result information file access in the in-kernel security policy subdirectory corresponding to the current security policy. If the permission check rules do not give those labels the operation permission, write the judgment result "does not satisfy the security policy" into that access file, determine that the constraint check for the system call request has failed, abandon execution of the system call request, and report insufficient permission. If the state is disabled, end the processing of the current security policy directly. Finally, after all security policies have been processed, jump to the next step;
3.5) Read each security policy in the kernel security linked list of the in-kernel security policy pool, and obtain the enable/disable state in the security policy state file status in the in-kernel security policy subdirectory corresponding to each security policy. According to the horizontal constraint conditions recorded in the security constraint file msiconstraint, perform the horizontal constraint judgment on the return values of the policy permission check result information file access in the in-kernel security policy subdirectories of all security policies whose state is enabled. If the horizontal constraint conditions are not met, determine that the constraint check for the system call request has failed, abandon execution of the system call request, and report insufficient permission; otherwise determine that the constraint check has passed and jump to step 3.6);
3.6) Execute the operation of the subject on the object in the system call request.
Referring to Fig. 4, for the sake of efficiency this embodiment takes each security policy as the current security policy in parallel, and thus uses a parallel queue judgment mode: the permission checks for the individual security policies run in parallel, and once all security policies have been processed, a serial queue method is used when judging the permission results, so that as soon as the first policy rule to return reports a failed check, the whole execution exits and reports that there is no permission.
In this embodiment, the multi-policy mandatory access control module performs the horizontal constraint judgment, according to the horizontal constraint conditions recorded in the security constraint file msiconstraint, on the return values of the policy permission check result information file access in the in-kernel security policy subdirectories of all security policies whose state is enabled. The security constraint file msiconstraint is used, after the vertical check within each single policy has passed, to apply a horizontal constraint to the overall situation at fusion time; this prevents cases in which, when multiple policies are fused, a combination such as a high security level with a low-security user or an unsafe type lets through a subject/object permission that is unreasonable vertically. This embodiment provides the interaction entry between the inside and outside of the kernel on the basis of the msi in-memory file system. First, the security policies are stored separately, each in its own subdirectory of the msi in-memory file system, so policy rule checks are independent of one another and do not interfere; even if the check of one policy fails, the access control checks of the other policies are unaffected, which makes it easy for the security officer to locate policy problems and gives the advantage of loose coupling. Second, each security policy is internally a whole: the path from loading and updating the policy storage in user space to loading that policy library under the /msifs directory of msi is one continuous line, and timely updates are carried out by the multi-policy fusion monitoring module, which gives the advantage of high cohesion.
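The enable rule of steps 2.6) to 2.8) and the decision flow of steps 3.3) to 3.6), modeled in user-space C; this is an added example, not code from the patent. The mls and mic rules, the label values and the horizontal constraint are constructed assumptions (the page gives no rule or msiconstraint syntax), and the policies are evaluated in a loop rather than in parallel.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum { MSI_SKIPPED = -1, MSI_DENY = 0, MSI_ALLOW = 1 };

/* One label per policy, stored side by side as in the security domain. */
struct msi_labels { int mls; int mic; };
struct msi_request { struct msi_labels subj, obj; bool write; };

struct msi_policy {
    const char *name;   /* subdirectory name under /msifs */
    bool cmdline_on;    /* enable flag from the boot command line */
    bool conf_on;       /* enable flag from msiconf */
    bool status;        /* models <name>/status */
    int access;         /* models <name>/access */
    int (*check)(const struct msi_request *);
};

const char *msi_denied_by = "";  /* which check refused the last request */

/* Assumed "mls" rule: no read up, no write down (confidentiality). */
static int mls_check(const struct msi_request *r)
{
    return r->write ? (r->subj.mls <= r->obj.mls) : (r->subj.mls >= r->obj.mls);
}

/* Assumed "mic" rule: no read down, no write up (integrity). */
static int mic_check(const struct msi_request *r)
{
    return r->write ? (r->subj.mic >= r->obj.mic) : (r->subj.mic <= r->obj.mic);
}

/* Steps 2.6)-2.8): a policy is enabled only if both sources enable it. */
static void msi_init(struct msi_policy *pool, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        pool[i].status = pool[i].cmdline_on && pool[i].conf_on;
        pool[i].access = MSI_SKIPPED;
    }
}

/* Constructed horizontal constraint standing in for msiconstraint: when at
 * least two policies allowed the access, a subject with a high mls level
 * (>= 2) must not also be a low-integrity subject (mic == 0). */
static bool msi_constraint(const struct msi_policy *pool, size_t n,
                           const struct msi_request *r)
{
    size_t allowed = 0;
    for (size_t i = 0; i < n; i++)
        if (pool[i].access == MSI_ALLOW)
            allowed++;
    return allowed < 2 || !(r->subj.mls >= 2 && r->subj.mic == 0);
}

int msi_check(struct msi_policy *pool, size_t n, bool msistatus,
              const struct msi_request *r)
{
    msi_denied_by = "";
    if (!msistatus)                       /* 3.3): msi disabled, go to 3.6) */
        return MSI_ALLOW;
    for (size_t i = 0; i < n; i++) {      /* 3.4): vertical check per policy */
        pool[i].access = pool[i].status ? pool[i].check(r) : MSI_SKIPPED;
        if (pool[i].access == MSI_DENY) {
            msi_denied_by = pool[i].name;
            return MSI_DENY;
        }
    }
    if (!msi_constraint(pool, n, r)) {    /* 3.5): horizontal constraint */
        msi_denied_by = "msiconstraint";
        return MSI_DENY;
    }
    return MSI_ALLOW;                     /* 3.6): operation may execute */
}

/* Constructed scenario: mls always enabled, mic enabled in msiconf but
 * switchable on the command line. */
int demo(int s_mls, int s_mic, int o_mls, int o_mic, bool write, bool mic_cmdline)
{
    struct msi_policy pool[] = {
        { "mls", true, true, false, MSI_SKIPPED, mls_check },
        { "mic", mic_cmdline, true, false, MSI_SKIPPED, mic_check },
    };
    struct msi_request r = { { s_mls, s_mic }, { o_mls, o_mic }, write };
    msi_init(pool, 2);
    return msi_check(pool, 2, true, &r);
}

static void show(const char *what, int rc)
{
    printf("%-34s %-5s %s\n", what, rc ? "allow" : "deny", msi_denied_by);
}

int main(void)
{
    show("read, both policies agree", demo(2, 1, 1, 1, false, true));
    show("read up", demo(1, 1, 2, 1, false, true));
    show("high level, low integrity", demo(2, 0, 1, 1, false, true));
    show("same, mic off on command line", demo(2, 0, 1, 1, false, false));
    return 0;
}
```

The third case passes both vertical checks and is refused only by the horizontal constraint, which is the situation the msiconstraint file is described as covering.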
As shown in Fig. 7 and Fig. 8, this embodiment provides, on the basis of the msi in-memory file system, a multi-policy mandatory access control module, a multi-policy fusion monitoring module and a multi-policy rule storage module.
(1) The multi-policy fusion monitoring module supports the multi-policy mandatory access control module: it provides the lookup service for the kernel security linked list of the in-kernel security policy pool, and obtains the enable/disable state and version value updates of each security policy of the kernel security linked list in the msi in-memory file system, which gives the multi-policy access control module the range of policies to check; the fusion monitoring module also provides a service that checks for policy changes inside and outside the kernel. As shown in Fig. 7, each security policy (security policy 1 to security policy n) has a corresponding group of labels, and the labels of all security policies make up the subject and object label pool. The subject and object of a system call request undergo policy checking by the multi-policy mandatory access control module: they are matched against the labels in the subject and object label pool, and after matching are compared with the permission check rules of each security policy (security policy 1 to security policy n) in the in-kernel security policy pool to obtain the judgment result of whether the security policy is satisfied. The multi-policy mandatory access control module writes the judgment result into the policy permission check result information file access in the in-kernel security policy subdirectory corresponding to the current security policy in the in-kernel security policy pool, and finally performs the constraint check on the system call request; only when the constraint check passes can the operation of the subject on the object in the system call request be executed. The multi-policy fusion monitoring module is mainly responsible for the following functions: obtaining the subject and object and performing the subject/object permission check; obtaining, according to the enable/disable state of each system policy provided by the multi-policy fusion monitoring module, the security labels of the subject and object for the enabled policies; querying, according to the subject and object security labels and the process operation, the permission rules of each policy operation in the policy rule pool; performing the multi-policy judgment in parallel through the multi-policy mandatory access control judgment process; and performing the overall permission judgment according to the security constraint file msiconstraint written by the user.
(2) The multi-policy fusion monitoring module monitors updates to each security policy in user space under the msi in-memory file system and synchronizes them promptly into each security policy subdirectory under the /msifs/ directory of the in-memory file system msi, achieving timely synchronized update of the security policies. The multi-policy fusion monitoring module monitors the enable/disable state information in the msistatus file under the msi in-memory file system and in the security policy state file status in the in-kernel security policy subdirectory corresponding to each security policy, which gives the multi-policy access control module the range of policies to check. The multi-policy fusion monitoring module also monitors the permission check state returned by the multi-policy fusion global constraint check result file access under the /msifs directory and by the policy permission check result information file access in each in-kernel security policy subdirectory: when the access file in an in-kernel security policy subdirectory shows no permission, this is fed back to the multi-policy mandatory access control module and the check ends; when the access files in all in-kernel security policy subdirectories return that permission is granted, it then monitors the multi-policy fusion constraint check result returned by the /msifs/access file.
(3) The multi-policy rule storage module builds the directories and associated files in which each policy is stored in user space, implements the initial loading of the msi in-memory file system, and allows the in-kernel security policy pool to be updated immediately from user space outside the kernel, including user-defined revisions in user space or newly added security policies and permission check rules.
The above is only a preferred embodiment of the present invention, and the scope of protection of the present invention is not limited to the above embodiment; all technical solutions that fall under the concept of the present invention belong to its scope of protection. It should be pointed out that, for those of ordinary skill in the art, improvements and modifications made without departing from the principles of the present invention should also be regarded as within the scope of protection of the present invention.

Claims (3)

1. A mandatory access control method based on multi-policy fusion, characterized in that the implementation steps are as follows:
1) configuring a multi-policy fusion in-memory file system that provides an interaction entry for user space and kernel space, the multi-policy fusion in-memory file system storing the security policy information of multiple security policies;
2) when the operating system loads the kernel, initializing and loading the multi-policy fusion in-memory file system, and establishing an in-kernel security policy pool in the operating system kernel according to the stored security policy information;
3) capturing the system call request issued by a process in the operating system, and determining whether the object on which the system call request is to execute exists; if it does not exist, exiting; if it exists, judging in parallel whether the operation of the subject on the object in the system call request satisfies the requirements of each security policy in the in-kernel security policy pool and generating a judgment result for each, and exiting directly if any judgment result is that the security policy is not satisfied; combining the judgment results of the security policies to generate the permission check result for the system call request, and executing the operation of the subject on the object in the system call request only if the check passes;
the detailed steps of step 1) being as follows:
1.1) creating in the operating system the /msifs directory on which the multi-policy fusion in-memory file system is mounted, the /msifs directory granting read and write access permission only to the system security officer;
1.2) creating under the /msifs directory the multi-policy fusion state file msistatus and the multi-policy fusion global constraint check result file access, the multi-policy fusion state file msistatus being used to record the enable/disable state of the multi-policy fusion in-memory file system in the current operating system, and the multi-policy fusion global constraint check result file access being used to record the result of the security constraint check performed on all judgment results according to the constraint relations among the security policies in the in-kernel security policy pool;
1.3) creating under the /etc/ directory of the operating system the security configuration file msiconf, the security constraint file msiconstraint and the out-of-kernel policy rule pool directory msipolicys, the security configuration file msiconf being used to configure the enable/disable state of the multi-policy fusion in-memory file system and the enable/disable and storage information of the multiple security policies for the next start of the operating system, the security constraint file msiconstraint being used to configure the horizontal constraint applied to the judgment results once all judgment results received satisfy the security policies, and the out-of-kernel policy rule pool directory msipolicys containing the multiple security policy subdirectories supported by the out-of-kernel policy rule pool, each security policy subdirectory being named after its corresponding security policy and holding the policy installation state information file version of that security policy and the rule information directory policy of that security policy, the rule information directory policy holding the permission check rules of that security policy.
2. The mandatory access control method based on multi-policy fusion according to claim 1, characterized in that the detailed steps of step 2) are as follows:
2.1) after the operating system loads the kernel, reading the command parameter information in the operating system boot program; if the command parameter information carries the parameter that enables the multi-policy fusion in-memory file system, jumping to step 2.2); otherwise jumping to step 2.10);
2.2) after the operating system mounts the root directory /, mounting the /msifs directory as the multi-policy fusion in-memory file system;
2.3) reading the security configuration file msiconf, and from the security configuration file msiconf reading the enable/disable state of the multi-policy fusion in-memory file system and the enable/disable and storage information of the multiple security policies for the next start of the operating system;
2.4) determining whether the multi-policy fusion in-memory file system is enabled in the security configuration file msiconf; if enabled, jumping to step 2.5); otherwise jumping to step 2.10);
2.5) from all the security policies stored in the security configuration file msiconf, taking one that has not yet been processed as the current security policy;
2.6) first reading the enable/disable information for the current security policy from the command parameter information in the operating system boot program; if that information is "enabled", further reading the enable/disable information of the current security policy in the security configuration file msiconf; if the enable/disable information for the current security policy is "enabled" both in the command parameter information and in the security configuration file msiconf, jumping to step 2.7); otherwise jumping to step 2.8);
2.7) under the /msifs directory, creating a corresponding in-kernel security policy subdirectory named after the current security policy; loading the policy installation state information file version of the current security policy from the out-of-kernel policy rule pool directory msipolicys into the in-kernel security policy subdirectory; creating the security policy state file status in the in-kernel security policy subdirectory and setting it to the enabled state; creating in the in-kernel security policy subdirectory the policy permission check result information file access, which holds the permission check result of the current security policy; and loading the permission check rules in the rule information directory policy of the current security policy under the out-of-kernel policy rule pool directory msipolicys into the in-kernel security policy subdirectory, thereby completing the initialization of the current security policy in the in-kernel security policy pool;
2.8) under the /msifs directory, creating a corresponding in-kernel security policy subdirectory named after the current security policy, creating the security policy state file status in the in-kernel security policy subdirectory, and setting it to the disabled state;
2.9) determining whether the current security policy is the last security policy stored in the security configuration file msiconf; if it is not, taking another not-yet-processed security policy as the current security policy and jumping to step 2.6); otherwise determining that initialization of the in-kernel security policy pool is complete, and storing the security policy names in the in-kernel security policy pool in linked-list form as the kernel security linked list; then monitoring in real time and comparing, for each security policy, the policy installation state information file version in the out-of-kernel policy rule pool with the policy installation state information file version in the in-kernel security policy subdirectory; if the two version files of any security policy differ, determining that the security policy has been updated in the out-of-kernel policy rule pool, and loading the permission check rules in the rule information directory policy of the security policy under the out-of-kernel policy rule pool directory msipolicys into the in-kernel security policy subdirectory corresponding to the security policy, thereby completing the synchronized update of the security policy in the in-kernel security policy pool, and jumping to step 2.10);
2.10) loading the other partitions of the operating system according to the content of the /etc/fstab file in the operating system, and determining whether the command parameter information in the operating system boot program contains the option requiring security labels to be attached to files; if it does, selecting a security policy from the in-kernel security policy pool as the current security policy and jumping to step 2.11); otherwise exiting;
2.11) as defined by the current security policy, labeling all files in the system with their security labels under the current security policy, and writing the labels into the extended attributes of the files;
2.12) determining whether the current security policy is the last security policy in the in-kernel security policy pool; if it is not, selecting a not-yet-traversed security policy from the in-kernel security policy pool as the current security policy and jumping to step 2.11); otherwise all files in the operating system carry their multi-policy security labels, and initialization of the multi-policy fusion in-memory file system msi is complete.
3. The mandatory access control method based on multi-policy fusion according to claim 2, characterized in that the detailed steps of step 3) are as follows:
3.1) the system call request that in capturing operation system, process sends;
3.2) judge that the execution object of described system call request whether there is, if execution object does not exist, report an error and move back Go out;Else if execution object exists, then redirect execution step 3.3);
3.3) read described many strategies and merge memory file system, inquire about first in many strategy Fusion Strain file msistatus Whether the start and stop state that the many strategies of setting merge memory file system is to enable, if start and stop state is to enable, redirects and executes step Rapid 3.4);If start and stop state is to disable, redirect execution step 3.6);
3.4) read each security strategy of Kernel security chained list in security strategy pond in core, in a parallel fashion respectively will be each Individual security strategy is as current safety strategy;Read safe plan in current safety strategy corresponding core under described/msifs catalogue Slightly subdirectory, judges the start and stop state of security policy states file status under security strategy subdirectory in described core, if institute Stating start and stop state is to enable, then obtain current safety strategy in Subjective and Objective security strategy pond in core of described system call request Under the secure ID that is endowed, and the secure ID that the Subjective and Objective of described system call request is endowed is based on safe plan in core Slightly the scope check rule under current safety strategy in pond carries out authority judgement, if the scope check rule of current safety strategy The secure ID giving the Subjective and Objective of described system call request has operating right, then will meet the judged result of security strategy Policy permissions inspection result letter under security strategy subdirectory in the corresponding core of current safety strategy in security strategy pond in write core Breath file access;If the scope check rule of current safety strategy gives the safety of the Subjective and Objective of described system call request Mark does not have operating right, then the judged result not meeting security strategy is write current safety strategy in security strategy pond in core Policy permissions inspection result message file access under security strategy subdirectory in corresponding core, judges to call for described system The constraint checking of request does not pass through, and exits the described system call request of execution and points out Insufficient privilege;If described start and stop state For disabling, then directly terminate the process to current safety 
strategy;Finally after the process completing all security strategies, redirect execution Next step;
3.5) read each security strategy of Kernel security chained list in security strategy pond in core, obtain described security strategy and correspond to core The start and stop state of security policy states file status under interior security strategy subdirectory, according to security constraint file The Lateral constrained condition that msiconstraint records is to being safe plan in the corresponding core of the security strategy that enables to all start and stop states The return value of the policy permissions inspection result message file access slightly under subdirectory carries out lateral confinement judgement, if do not met Lateral constrained condition, then judge not pass through for the constraint checking of described system call request, exits the described system of execution and calls Ask and point out Insufficient privilege;Otherwise, it is determined that constraint checking passes through, redirect execution step 3.6);
3.6) execute the operation of main object in described system call request.
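
The decision flow of steps 3.3) to 3.6), as an added C example that is not code from the patent. Assumptions made for illustration: the BLP-style and Biba-style rules, the integer labels, the result codes, all function and type names, and the reading of msiconstraint as a list of policies that must each have recorded an allow result.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>
#define MSI_NPOL 2                      /* policies in the constructed pool */
enum msi_result { MSI_UNSET, MSI_ALLOW, MSI_DENY };
struct msi_request { int subj[MSI_NPOL], obj[MSI_NPOL]; bool write; };
struct msi_policy {                     /* one node of the kernel security list */
    const char *name;
    bool enabled;                       /* models the per-policy status file */
    bool (*check)(int subj, int obj, bool write);
    enum msi_result access;             /* models the per-policy access file */
};
/* Constructed sample rules (not from the patent): BLP-style and Biba-style. */
static bool blp_check(int s, int o, bool w)  { return w ? s <= o : s >= o; }
static bool biba_check(int s, int o, bool w) { return w ? s >= o : s <= o; }

/* Steps 3.3-3.6. The claim checks policies in parallel; this loop is sequential. */
static bool msi_authorize(bool fusion_on, struct msi_policy *pool, size_t n,
        const char *const *required, size_t nreq, const struct msi_request *rq)
{
    if (!fusion_on)
        return true;                    /* 3.3: msistatus disabled, go to 3.6 */
    for (size_t i = 0; i < n; i++) {    /* 3.4: per-policy permission check */
        pool[i].access = MSI_UNSET;     /* a disabled policy records no result */
        if (pool[i].enabled)
            pool[i].access = pool[i].check(rq->subj[i], rq->obj[i], rq->write)
                                 ? MSI_ALLOW : MSI_DENY;
        if (pool[i].access == MSI_DENY)
            return false;               /* insufficient permission */
    }
    for (size_t r = 0; r < nreq; r++) { /* 3.5: assumed lateral constraint */
        bool met = false;
        for (size_t i = 0; i < n; i++)
            met |= !strcmp(pool[i].name, required[r]) && pool[i].access == MSI_ALLOW;
        if (!met)
            return false;               /* a required policy gave no allow */
    }
    return true;                        /* 3.6: the operation may execute */
}

/* Constructed case: subject conf=2/integ=1, object conf=1/integ=2. */
static bool msi_demo(bool fusion_on, bool biba_on, bool write)
{
    struct msi_policy pool[MSI_NPOL] = { { "blp", true, blp_check, MSI_UNSET },
                                         { "biba", biba_on, biba_check, MSI_UNSET } };
    const char *const required[] = { "blp", "biba" }; /* hypothetical msiconstraint */
    struct msi_request rq = { { 2, 1 }, { 1, 2 }, write };
    return msi_authorize(fusion_on, pool, MSI_NPOL, required, 2, &rq);
}
int main(void) { return msi_demo(true, true, false) ? 0 : 1; }
```

With the Biba-style policy disabled, step 3.4) skips it, so under this assumed constraint only step 3.5) stops the request; with msistatus disabled, no policy is consulted at all.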
CN201410340911.9A 2014-07-17 2014-07-17 Multi-strategy integration based mandatory access control method Active CN104112089B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410340911.9A CN104112089B (en) 2014-07-17 2014-07-17 Multi-strategy integration based mandatory access control method

Publications (2)

Publication Number Publication Date
CN104112089A CN104112089A (en) 2014-10-22
CN104112089B true CN104112089B (en) 2017-02-01

Family

ID=51708875

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410340911.9A Active CN104112089B (en) 2014-07-17 2014-07-17 Multi-strategy integration based mandatory access control method

Country Status (1)

Country Link
CN (1) CN104112089B (en)

Families Citing this family (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104484617B (en) * 2014-12-05 2017-09-26 中国航空工业集团公司第六三一研究所 A kind of Access and control strategy of database method based on many strategy fusions
CN104394176B (en) * 2014-12-17 2018-05-08 中国人民解放军国防科学技术大学 A kind of webshell prevention methods based on mandatory Access Control Mechanism
CN107203715B (en) * 2016-03-18 2021-03-19 斑马智行网络(香港)有限公司 Method and device for executing system call
CN107273754A (en) * 2016-04-08 2017-10-20 中兴通讯股份有限公司 A kind of data access control method and device
CN108090361B (en) * 2016-11-22 2020-06-30 腾讯科技(深圳)有限公司 Security policy updating method and device
CN106790032B (en) * 2016-12-15 2020-04-21 华南师范大学 RBAC-based strategy fusion and sensitivity calculation method and system
CN107277023B (en) * 2017-06-28 2020-04-10 中国科学院信息工程研究所 Web-based mobile thin terminal access control method and system and thin terminal
CN113791813A (en) 2017-10-30 2021-12-14 华为技术有限公司 Method and terminal for updating SELinux security policy
GB2570474B (en) * 2018-01-26 2020-04-15 Advanced Risc Mach Ltd Region fusing
CN111669349B (en) * 2019-03-05 2022-08-05 中国环境监测总站 Data access security control method and device based on control drive management
CN109992983A (en) * 2019-04-15 2019-07-09 苏州浪潮智能科技有限公司 A kind of forced access control method, device, equipment and readable storage medium storing program for executing
CN110348234A (en) * 2019-07-01 2019-10-18 电子科技大学 Pressure access safety strategy implementation method and management method in MILS framework
CN112685729B (en) * 2020-12-25 2023-04-07 中国科学院信息工程研究所 Special mandatory access control method, system, electronic equipment and storage medium
CN113704795B (en) * 2021-09-02 2024-02-06 杭州戎戍网络安全技术有限公司 Multi-domain access control formalized modeling method based on label attribute
CN116204858A (en) * 2021-11-30 2023-06-02 华为技术有限公司 Access control method and related equipment
CN114780168B (en) * 2022-03-30 2023-04-28 全球能源互联网研究院有限公司南京分公司 Method and device for dynamically changing security policy of intelligent terminal container and electronic equipment

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2432186A1 (en) * 2009-05-26 2012-03-21 ZTE Corporation File uploading realization method and system for web application
CN101727555A (en) * 2009-12-04 2010-06-09 苏州昂信科技有限公司 Access control method for operation system and implementation platform thereof
CN101901313A (en) * 2010-06-10 2010-12-01 中科方德软件有限公司 Linux file protection system and method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
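Research on access control frameworks and their application in Linux (访问控制框架及其在Linux中的应用研究); Chen Hanzhang (陈汉章) et al.; Application Research of Computers (《计算机应用研究》); 20070430; Vol. 24 (No. 4); pp. 217-222 *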

Also Published As

Publication number Publication date
CN104112089A (en) 2014-10-22

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant