摘要
大部分安全操作系统在处理客体时,没有区分具体的客体类型,均采用统一的方法进标识,而且多数安全操作系统中采用传统访问控制方法保护的客体均是静态客体,忽略了对动态客体的保护,使得黑客或攻击者可以进行欺骗和中间人攻击,因此,安全操作系统中的动态客体并不可信。首先分析了操作系统中客体的类型,提出了可信动态客体的概念,并分析了其特点。为了防止动态客体泄露信息,提出了基于TPM的可信动态客体监管系统。一方面,该系统要求主体必须在TPM中注册,确保主体身份合法性,才能利用可信动态客体进行信息传递;另一方面,在TPM中必须存储创建该可信动态客体的属主的身份信息,以确保可信动态客体身份的合法性。最后进行了安全和性能分析,分析表明该可信动态客体监管系统可以阻止黑客利用动态客体进行欺骗和中间人攻击,防止信息泄露,为进一步建立可信计算环境提供了基础。
Most security operating system doesn't distinguish the sorts of the object, and labels them by the same method, moreover, the objects, which is protected by the traditional access control policies in most security operating system, are the static object, and ignore the dynamic object which can be utilized to cheat or man-in-the-middle attack by the hacker. So the dynamic object in the security operating system isn't trustworthy. The object types in the operating system, which are sorted into the static object and the dynamic object, are analyzed, and the conception of the trusted dynamic object is put forward. For prevent the dynamic object from leaking the information, the monitor system for the trusted dynamic object based on TPM (MSTEX2)BT) is presented. On the one hand, the MSTDOBT needs that the subject, who uses the trusted dynamic object to transfer the information, must register in TPM for authentication, on the other hand, the owner of the dynamic object must register in TPM for authentication too. Finally, we discuss the security of the MSTDOBT, it is shown that the MSTDOBT can prevent the dynamic object form being utilized to cheat or man-in-the-middle attack by hacker. All of these are the foundation forour future works.
出处
《计算机科学》
CSCD
北大核心
2008年第1期281-284,F0003,共5页
Computer Science
基金
国家863宽带VPN项目863-104-03-01课题资助
2003年度四川省科技攻关项目03GG007-007支持