Institute of Software, Chinese Academy of Sciences Institutional Repository (ISCAS OpenIR)
Title: Research on and Enforcement of Methods of Secure Operating Systems Development (安全操作系统开发方法的研究与实施)
Author: 石文昌 (Shi Wenchang)
Defense date: 2001
Discipline: Computer Software and Theory
Degree-granting institution: Institute of Software, Chinese Academy of Sciences
Degree-granting location: Institute of Software, Chinese Academy of Sciences
Degree: Doctor of Philosophy
Keywords: secure operating system; development method; security assurance; security policy; security policy lattice
Abstract (translated from Chinese): Building on the development of a practical secure operating system and on the framework of the latest international standard for computer security evaluation, the Common Criteria (CC), this thesis studies development methods for secure operating systems and reports five principal results. First, it proposes a periodization of secure OS development into a foundation period, a cookbook period, a multi-policy period and a dynamic-policy period. Second, it is the first study to examine secure OS development under the CC framework in conjunction with an actual secure OS development effort. Third, drawing on the research and development of RS-Linux, it summarizes and abstracts the development process of security products under the CC framework and, using subjective logic, proposes a quantitative representation of the security assurance established for such products, providing an effective basis for quantitative comparison of product security. Fourth, it introduces the idea of a two-layer decision space and proposes the theoretical framework of an adaptive enforcement method for multi-level security (MLS) policies, the ABLP method. Fifth, it studies the basic idea of the security policy lattice; building on the theoretical results of the ABLP method, it shows that MLS policies are history-sensitive, demonstrates that a foreign technical report's classification of MLS policies as static policies is unjustified, and gives a corrected version of the security policy lattice constructed in that report.
English abstract: Drawing on the experience of building a practical secure operating system (OS) in accordance with the framework of the latest international standard for computer security evaluation, the Common Criteria (CC), this thesis investigates methods for secure OS development. Five principal results are obtained. First, a classification method is proposed that divides the history of secure OSs into a foundation period, a cookbook period, a multi-policy period and a dynamic-policy period. The origin and development of the fundamental concepts, technologies and methods of secure OSs are analyzed systematically for the first time, giving a comprehensive view of the evolution of secure OSs and laying the groundwork for an overall understanding of the state of the art. Second, the development method for secure OSs under the CC framework is investigated for the first time in conjunction with the production of a real secure OS. The relationship between secure OS development under the CC framework and the requirements of the China Classified Criteria for Security Protection of Computer Information Systems (C3SPCIS) is analyzed. A secure OS named RS-Linux, based on the mainstream Linux system, is produced following the CC approach; the system has passed level 3 evaluation against the C3SPCIS. Third, based on the RS-Linux work, an outline and abstraction of the development process of security products under the CC framework is made, and on that basis an approach using subjective logic is proposed for the quantitative description of the security assurance that may be established under the CC framework. The approach provides an effective way to compare the security of different security products quantitatively.
Fourth, by introducing the concept of a two-layer decision-making space, the theoretical framework of an adaptable approach to Multi-Level Security (MLS) enforcement, the ABLP approach, is constructed. A rigorous method for demonstrating the correctness of the ABLP approach is worked out, and the complete demonstration is presented. The distinguishing characteristic of the ABLP approach is the adaptability of a subject's current sensitivity label, which enhances the flexibility of security decision-making for real-world applications. Finally, the basic concept of the security policy lattice is studied. Based on the theoretical results of the ABLP approach to MLS policy enforcement, it is shown that MLS policies are history-sensitive. The impropriety of the assertion, made in an existing technical report, that MLS policies are static policies is demonstrated, and a modified version of the security policy lattice presented in that report is provided. In summary, the principal results of this thesis contribute to the exploration of novel models of secure OS development and to the construction of basic software platforms for the security of real-world applications.
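The abstract's fourth and fifth results rest on one mechanism: a subject's current sensitivity label adapts to what the subject has accessed, so whether an MLS check succeeds depends on the subject's access history. The following is an added illustrative model, written for this page and not the thesis's own ABLP rules or RS-Linux code. It assumes a simple lattice of classification levels plus category sets, and interprets the "two-layer decision space" as a static clearance bound checked first and an adaptive current label checked second; both interpretations are assumptions.

```python
"""Constructed example: adaptive-current-label MLS check (not the thesis's ABLP code)."""
from dataclasses import dataclass, field
from typing import FrozenSet, List, Tuple

# Assumed linear ordering of classification levels (illustrative, not from the thesis).
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}


@dataclass(frozen=True)
class Label:
    """Lattice element: a classification level and a set of compartments."""
    level: str
    cats: FrozenSet[str] = frozenset()

    def dominates(self, other: "Label") -> bool:
        # a >= b iff level(a) >= level(b) and cats(b) is a subset of cats(a)
        return LEVELS[self.level] >= LEVELS[other.level] and other.cats <= self.cats

    def join(self, other: "Label") -> "Label":
        # least upper bound: higher level, union of compartments
        top = self.level if LEVELS[self.level] >= LEVELS[other.level] else other.level
        return Label(top, self.cats | other.cats)


@dataclass
class Subject:
    name: str
    clearance: Label   # layer 1: static upper bound fixed for the session
    current: Label     # layer 2: adaptive label that floats up as the subject reads
    history: List[str] = field(default_factory=list)


@dataclass(frozen=True)
class Obj:
    name: str
    label: Label


def read(s: Subject, o: Obj) -> bool:
    """Simple-security check against the static clearance; on success the
    current label is raised to the join of itself and the object label."""
    if not s.clearance.dominates(o.label):
        s.history.append(f"read {o.name}: denied")
        return False
    s.current = s.current.join(o.label)          # adaptation step
    s.history.append(f"read {o.name}: ok, current -> {s.current.level}")
    return True


def write(s: Subject, o: Obj) -> bool:
    """*-property checked against the adaptive current label, not the clearance:
    no write to an object the current label does not flow into (no write-down)."""
    ok = o.label.dominates(s.current)
    s.history.append(f"write {o.name}: {'ok' if ok else 'denied'}")
    return ok


def history_sensitivity_demo() -> Tuple[bool, bool]:
    """Same subject, same write request, different answer depending on history."""
    bulletin = Obj("bulletin", Label("unclassified"))
    plan = Obj("plan", Label("secret", frozenset({"ops"})))
    alice = Subject("alice",
                    clearance=Label("secret", frozenset({"ops"})),
                    current=Label("unclassified"))
    before = write(alice, bulletin)   # current label is still unclassified
    assert read(alice, plan)          # raises alice.current to secret/{ops}
    after = write(alice, bulletin)    # same request now denied: write-down
    return before, after


if __name__ == "__main__":
    print(history_sensitivity_demo())   # (True, False)
```

The point the example makes is the one the abstract draws: because the current label is a function of past reads, the policy state cannot be described by a fixed label per subject, so the MLS policy is history-sensitive rather than static.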
Language: Chinese
Content type: Thesis
URI: http://ir.iscas.ac.cn/handle/311060/6530
Appears in Collections: Institute of Software, CAS

Files in This Item:
File Name: LW008623.pdf (2473 KB); Access: restricted; contact the repository for full text

Recommended Citation:
石文昌. Research on and Enforcement of Methods of Secure Operating Systems Development (安全操作系统开发方法的研究与实施) [D]. Institute of Software, Chinese Academy of Sciences. 2001-01-01.

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

Copyright © 2007-2017 Institute of Software, Chinese Academy of Sciences