摘要
Linux系统现行的审计机制是应用级审计,不能满足操作系统的安全要求,为此许多文献提出了Linux内核级的审计,增强了Linux的审计能力。但是在审计能力增加的同时,审计容量和运行时间也增加。根据仪器系统的特点,本文提出了可控内核审计的机制。内核级审计能够被应用程序控制,这样在实现安全性提高的同时,可控制内核审计范围,保证实时测试程序的实时性。内核审计功能的控制通过Linux的proc文件系统实现,本文详细地描述了实现过程。
Current audit mechanism of Linux is applicable-layer audit, it can not meet security requirement of OS. Many papers present kernel-layer audit that improve auditing capability, but kernel-layer audit extends auditing content end running time also. According to characteristics of instrumental system, the paper presents the realization for controllable kernel -layer audit Apptication can control the scope of kernel auditing, and real-time measuring process can ensure its running time. The paper in detail presents realizing course which uses proc file system of Linux.
出处
《网络安全技术与应用》
2005年第11期22-24,共3页
Network Security Technology & Application
基金
电子测试技术重点实验室基金项目(基金号51487010503dz104)资助。
