摘要
目前的安全操作系统模型有很多,以SELinux安全模型,AppArmor安全模型等为大家所熟知,基于这些强制访问控制模型的审计机制也更有不同。本文提供了一种基于轻量级DTE安全模型的审计机制,该机制中的审计信息采用固定大小格式,这样方便对其进行操作。该审计机制有效的监控了系统中主体对客体的所有访问,包括非法用户的操作和合法用户的误操作等。在系统自带的审计机制中,审计信息是系统中所有的审计记录的集合,数量相当庞大,不利于进行分析。本文提出审计开关,对审计记录中的数据进行分类处理,大大提高了检索和查找的速度。
The current security operating system model has a lot of, to SELinux security model, AppArmor security model and so on that are familiar to us,based on these mandatory access control model of audit mechanism is also more different. This paper provides a kind of audit mechanism based on lightweight DTE security model.This information of audit mechanism is fixed size format,so that it is convenient for the operation. This audit mechanism monitor effectively that the subject access to all of the object.In the system audit mechanism itself, the audit information include all of the system audit records,and quantity is large,that is against to carry on the analysis.This paper puts forward the audit switch,which can do information separation,greatly improving the retrieval and search speed.
出处
《网络安全技术与应用》
2013年第2期13-15,共3页
Network Security Technology & Application
关键词
安全模块
安全操作系统
审计机制
Security module
Security operation system
Audit mechanism