摘要
多策略融合是访问控制技术研究的重要内容.可信恢复是高等级安全操作系统的必需功能.为解决过于严格的安全策略难以推广应用的局限性,提出了一种可确保完整性策略恢复后有效性的可信恢复模型.首先给出了模型的框架结构,利用多模型融合方法,通过对类型实施模型(type enforcement,TE)和基于角色的访问控制(role-based access control,RBAC)模型的重新构造和配置,实现了形式化的Clark-Wilson完整性策略模型及其扩展模型PCW(Poveys Clark-Wilson).然后,结合文件系统的具体特点,提出静态和运行时两类恢复算法,通过分析系统日志,撤销恶意操作,使文件系统恢复到原先的一致状态.该恢复方法增强了系统的可用性,对设计和实现我国自主高等级安全操作系统的可信恢复机制进行了重要探索.
Access control is one of the most important protection mechanisms of current mainstream operating systems. It is the process of mediating every request to resources and data maintained by a system and determining whether the request should be granted or denied. The access control decision is enforced by a mechanism implementing regulations established by a security policy. There are some typical security policies of access control. The mainstream operating systems is inadequate to support multi-policy at the same time for enforcing different access control decision. Integrity of multi-policy is an important part of access control research in secure systems. Trusted recovery is the necessary function of high-level security operating system. The objective of trusted recovery is to ensure the maintenance of the security and accountability properties of a system in the face of failures. This paper presents a trusted recovery monitoring model, which can solve some limits of strict security policy for access control. Firstly, the framework of model is given. The formal Clark Wilson model and its improved model PCW (Povey's Clark-Wilson) are implemented by configuring TE (type enforcement) and RBAC (role-based access control) model. Secondly, combining the characteristics of a file system in operating system, this paper presents how to recover the file system to its last consistency secure state, in conservative and optimistic recovery policy respectively, by analyzing audit logs and undoing some malicious operations. This method can recover the system to a secure state in the face of failures and improves the availability of the system. It provides an important exploration for the design and implementation of the trusted recovery mechanisms of our own high-level secure operating system.
出处
《计算机研究与发展》
EI
CSCD
北大核心
2014年第2期360-372,共13页
Journal of Computer Research and Development
基金
国家"九七三"重点基础研究发展计划基金项目(2011CB302600)
国家"八六三"高技术研究发展计划基金项目(2011AA010601)
国家科技支撑计划课题(2012BAH45B01)
国家自然科学基金项目(61271275
61370211)
关键词
信息安全
安全操作系统
完整性策略
可信恢复
访问控制
information security
security operating system
integrity policy
trusted recovery
accesscontrol