摘要
操作系统的安全性在计算机信息系统的整体安全性中具有至关重要的作用。介绍了操作系统测评的研究背景和意义以及国内外发展现状,在阐述国内外安全评测标准、安全操作系统的原理及测评方法的基础上,依据《计算机信息系统安全等级保护操作系统技术要求》,分析了渗透测试与系统抗攻击能力的关系、渗透测试的5个阶段以及渗透测试的局限性等,提出渗透测试的总体方法和基本测试模型,并基于上述基础提出了针对4种典型操作系统漏洞检测的测试子方案。
The security of the operating system in a computer information system is critical to the security of the whole system. The research and advances of operating system testing in China and abroad are introduced. The security testing standards and the principle and testing methods of a secure operating system are described. Based on " Operating system technology requirement in computer information system seeurity protection", the relationship between the penetration testing and the system attack-resistance ability, the 5 stages in the penetration testing anti the limitations are analyzed. The overall approach and basic model of the penetration testing are presented.The test sub-programs for the 4 typical operating system vulnerabilities are proposed.
出处
《电子产品可靠性与环境试验》
2013年第A01期141-146,共6页
Electronic Product Reliability and Environmental Testing
关键词
操作系统
等级保护
软件安全性测试
渗透测试
operating system
classified protection
software security testing
penetration testing