Institutional Repository of the Institute of Software, Chinese Academy of Sciences
Title: Research on and Implementation of Malware Defense Technology for Secure Operating Systems (安全操作系统的恶意代码防御技术的研究与实施)
Author: 赵庆松 (Zhao Qingsong)
Defense date: 2002
Major: Computer Software and Theory
Degree-granting institution: Institute of Software, Chinese Academy of Sciences
Place of award: Institute of Software, Chinese Academy of Sciences
Degree: Doctorate
Keywords: malware ; defense technology ; secure operating system ; privilege control ; integrity control ; delegation model ; network security
Alternative title: Research on and Enforcement of Malware-Defending Technology of Secure Operating System
Abstract (Chinese, translated): Building on the development of a real secure operating system, and in response to the increasingly serious threat of malicious code, this dissertation studies malware defense technology for secure operating systems and obtains principal results in the following six areas. First, from the perspective of a secure operating system, the essence of the processes by which malicious code intrudes, infects and activates is revealed for the first time; from this, two malware defense techniques for secure operating systems are proposed. Second, a malware defense framework suitable for implementation in a secure operating system is designed, enforcing malware defense from the two aspects of privilege control and integrity control; a process integrity threshold is introduced, which effectively reduces the framework's impact on the execution efficiency of high-integrity executable code. Third, "negative privileges" are introduced into the discretionary access control mechanism, together with a privilege-conflict resolution mechanism; a "limited privilege inheritance" mechanism is proposed, which simplifies system authorization management; the granularity of access control is refined; delegation is supported; the above discretionary access control mechanism is implemented in the system, realizing user privilege control. Fourth, the relationship among process privilege, user privilege and executable-code privilege is examined, together with the user-dependent and user-independent properties of executable-code privilege; a process-based dynamic access control model is proposed for the first time, thereby preventing misuse of process privilege; combining the above static and dynamic models, a process-based static/dynamic access control model is proposed and implemented in the system, realizing process privilege control. Fifth, the essence of the defect in the static implementation of the Biba model is revealed, a prerequisite-condition-based authorization model is proposed for the first time, and a dynamic implementation of the Biba model is designed. Sixth, using the role-based access control model, delegation models are studied, and a delegation model supporting repeated-role and partial-role delegation and a delegation model supporting time limits are proposed for the first time.
Abstract (English): With consideration of a variety of malware threats and security requirements, research on and enforcement of a malware-defending system in a secure operating system is conducted through the experience of implementing a practical secure operating system (SOS). As a result, six principal achievements have been obtained. First, the essence of infection and damage by malware is revealed in accordance with the properties of an SOS; hence privilege control and integrity control are presented as two kinds of malware-defending methods. The inability of the Linux/Unix access control mechanism to defend against malware is shown. Second, a malware-defending framework (MDF) suitable for an SOS is designed. Privilege control and integrity control are combined in the MDF as two aspects of the defending technology. To reduce the performance loss of programs with higher integrity, an integrity threshold is introduced. Third, the concept of negative privilege is introduced into discretionary access control (DAC), and a conflict-resolving mechanism is given. A limited privilege inheritance mechanism that simplifies authorization is presented. Control permission and access permission are distinguished and refined. Delegation is supported by this DAC. The DAC above is implemented in the MDF, which realizes user privilege control. Fourth, the relationship among user privilege, program privilege and process privilege, as well as the user-dependent and user-independent properties of program privilege, is analyzed. As a result, a process-based static access control (PBSAC) model is presented for the first time, which avoids misuse of owner privilege. The conflict, dependent and authorization-dependent relationships between process privileges are defined, and rules for dynamically adjusting process privilege are given; hence a process-based dynamic access control (PBDAC) model is presented for the first time, which avoids misuse of process privilege. The PBS/DAC model, which combines PBSAC and PBDAC, is implemented in the MDF and realizes process privilege control. Fifth, the essence of the defect in the static implementation of the Biba model is shown, and a prerequisite condition-based authorization model is presented for the first time. To overcome the defect, a dynamic implementation of the Biba model is designed. To satisfy the requirement of multiple integrity policies, a general implementation of the Biba model is designed. To realize the integrity control of the MDF, the Biba model is dynamically and generally implemented in the MDF, and works well. Last but not least, delegation models are studied by virtue of role-based access control, and two new delegation models are presented. One is the repeated and partial role-based delegation model, which supports repeated and partial delegation, and the other is the temporal role-based delegation model, which supports temporal delegation. The two models are helpful in implementing precise privilege control and prevent privilege misuse efficiently. In a word, the principal achievements of this dissertation are helpful for the research on and enforcement of malware-defending technology for an SOS, and for the construction of secure operating system platforms with a malware-defending function.
Language: Chinese
Content type: Dissertation
URI: http://ir.iscas.ac.cn/handle/311060/7112
Appears in Collections: Institute of Software, CAS

Files in This Item: LW011196.pdf (2257 KB), restricted access; contact the repository to obtain the full text.

Recommended Citation:
赵庆松. Research on and Implementation of Malware Defense Technology for Secure Operating Systems (安全操作系统的恶意代码防御技术的研究与实施) [D]. Institute of Software, Chinese Academy of Sciences. 2002-01-01.