中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 中科院软件所  > 中科院软件所
题名:
安全Linux操作系统审计子系统的设计与实现
作者: 任党恩
答辩日期: 2000
专业: 计算机应用技术
授予单位: 中国科学院软件研究所
授予地点: 中国科学院软件研究所
学位: 博士
关键词: 安全操作系统 ; 审计系统 ; 审计记录 ; linux核心 ; 自主访问控制 ; 强制访问控制 ; 入侵检测
摘要: 审计系统作为安全操作系统的一个重要组成部分,对于监督系统的正常运行,保障安全策略的正确实施,构造计算机入侵检测系统等都具有十分重要的意义。本文旨在论述审计系统的设计原则和具体实现方法,内容组织如下:首先介绍了计算机领域的安全现状及流行的攻击手段,这些背景信息使我们构造安全系统时具有明确的针对性;美国国防部的可信计算机评测标准(TCSEC)是目前公认的设计开发安全产品的重要指导,从它规定的各安全级别的主要特性中,我们可以了解安全系统的设计实现要求。WindowsNT和Solaris2.x都是目前主流的服务器操作系统,分析它们已有的安全审计模块,对于我们的设计有很强的指导作用,从中可以获得有益的思路和可借鉴的处理办法。在此基础上叙述基于Linux核心开发B2级安全操作系统的总体框架,并阐明审计与可信安全基(TCB)其它各部分的协同关系。然后,在审计系统的详细设计部分,着重论述审计子系统的结构模型、审计策略设定、功能模块的功分和具体实现以及审计自身的保护等,其中涉及Linux内核的重要概念,以及为审计安全相关命令而对它们所做的改造等,也进行了详细分析和描述,并给出最终的安全操作系统中的属层界面。接着,论述审计数据对于系统安全性的意义,举例说明了审计数据在入侵检测中的应用。最后,提出了几个需要进一步思考的问题,如审计数据的选择、压缩、加密和网络审计。
英文摘要: Audit is a fundamental component of any secure operating system. It will be a great assistant to safeguard the running system, ensure the practice of security policies and build intrusion detection systems. In this paper, we mainly discuss the design and implementation of an auditing system. Structure of the contents is a s follows: Firstly, background of computer security area and some typical attacks are introduced, which will show us a clear direction when we develop a secure system. Trusted Computer System Evaluation Criteria of US DoD is a well-known guideline on security designing, from characters of each security level it specifies, we can set up the security requirements of our own. NT and Solaris2.x are both popular today as server operating system, the analysis of their auditing mechanism will give us some references and valuable clues or tips in our work. Our target is to develop a secure operating system based on linux kernel at B2 level, so the entire architecture and the cooperative relationships between auditing and the other parts of Trusted Computing Base are illustrated. After that, in the detailed design and implementation part, we focus on some issues including the audit model, decision of auditing policies, division of functional modules and the comprehensive implementation, the protection of audit itself is presented as well. Some concepts of linux kernel utilized by auditing system and the modifications of security relevant applications are also described. Interfaces of auditing subsystem in the whole operating system are represented as the final result. In the next part, we talk about intrusion detection and the contributions made by audit records. Lastly, we bring out some future works such as the selection of audit data, employ of compression and encryption, and network-based auditing.
语种: 中文
内容类型: 学位论文
URI标识: http://ir.iscas.ac.cn/handle/311060/6598
Appears in Collections:中科院软件所

Files in This Item:
File Name/ File Size Content Type Version Access License
LW002120.pdf(2445KB)----限制开放-- 联系获取全文

Recommended Citation:
任党恩. 安全Linux操作系统审计子系统的设计与实现[D]. 中国科学院软件研究所. 中国科学院软件研究所. 2000-01-01.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[任党恩]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[任党恩]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2017  中国科学院软件研究所 - Feedback
Powered by CSpace