中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 软件所图书馆  > 早期
题名:
嵌入式操作系统安全机制的设计与实现
作者: 沈松武
答辩日期: 2008-06-03
导师: 王新社
专业: 计算机应用技术
授予单位: 中国科学院研究生院
授予地点: 中国科学院软件研究所
学位: 硕士
关键词: 嵌入式操作系统 ; 数字签名 ; 访问控制 ; 网络安全 ; 安全审计
其他题名: Design and Implementation of Security Mechanism of Embedded Operating System
分类号: 暂无
索取号: 暂无
部门归属: 研究生部
摘要: 当前,智能手机平台上的手机病毒已经对人们日常使用手机产生了不良影响,并且这种影响将日益严重。手机病毒侵犯了手机用户的个人隐私,导致了手机用户的金钱损失,严重损害了手机用户的利益。为了能够有效的抵御以手机病毒为代表的嵌入式病毒,本文特做出了一些探讨。本文主要关注的是未来以智能手机为代表的开放嵌入式系统平台的系统级安全。如何在嵌入式操作系统中加入防护机制,并充分利用嵌入式系统平台的特点,来抵制恶意代码对操作系统产生的破坏,提高系统的网络安全性成为本文研究的重点。本文提出了一系列增强操作系统安全性的措施,包括制定安全策略、设计访问控制机制、增强网络安全、增加审计记录等。这一系列的措施可以使我们有效的进行事前抵御攻击和事后分析攻击。本文还引入了信任机制,即利用现有的PKI体系,来实现对程序来源可靠性、数据完整性的可信度分级,并根据不同可信级别来实行不同的访问控制。在本文所构造的系统上可以有效的防御可执行文件病毒的自我繁殖和传播,比较有效的抵御宏病毒攻击;由于引入了访问控制机制以及程序签名的概念,因此对于其他类型的恶意代码,如木马、蠕虫等,访问控制机制可以很好的限制它们的破坏行为,而审计日志则可以反映出恶意代码破坏的轨迹,从而使我们把责任追溯到程序的开发者。
英文摘要: Nowadays, mobile phone viruses have made a big influence to people’s life. They do harm to people’s privacy and benefit seriously. In order to resist the embedded viruses effectively, represented by mobile phone viruses, we had made some research. This article mainly focuses on the system level security of the embedded system platform, represented by intelligentized mobile phone. We especially pay our attention on how to utilize the features of the embedded system and how to add some information protection mechanisms to repel the baleful programs or codes, and promote the network security and system stability of the embedded operating system. We proposed a series of methods to enhance the security of the embedded system, such as design of security policies, design of access control mechanism, add of some security criteria to the network and implementation of audit record. These methods can effectively reject the attack of the baleful programs or codes, and by use of the audit record, we can analyse the attack and find out the malefactor eventually. In this article, we had made use of the Public Key Infrastructure to construct a trusted environment. According to this trusted environment, we can identify which program is trusted and which is untrusted by verifying the origin of the programs and integrity of the programs. Different trusted levels of the programs use different access control methods. In the system we designed in this article, we can resist the executable file viruses effectively and make a big constraint to the vicious code of other kinds. Most importantly, according to the audit mechanism and the access control mechanism, we can find out the vicious programs and charged the producers of these programs to be responsible for the loss of the customers.
内容类型: 学位论文
URI标识: http://ir.iscas.ac.cn/handle/311060/6126
Appears in Collections:中科院软件所图书馆_早期

Files in This Item:
File Name/ File Size Content Type Version Access License
10001_200528015029119沈松武_paper.pdf(651KB)----限制开放-- 联系获取全文

Recommended Citation:
沈松武. 嵌入式操作系统安全机制的设计与实现[D]. 中国科学院软件研究所. 中国科学院研究生院. 2008-06-03.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[沈松武]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[沈松武]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2017  中国科学院软件研究所 - Feedback
Powered by CSpace