Funding: the Natural Science Foundation of Beijing (Grant No. 4052016); the National Natural Science Foundation of China (Grant No. 60573042); the National Grand Fundamental Research 973 Program of China (Grant No. G1999035802)
Abstract: Numerous Internet security incidents have shown that support from secure operating systems is paramount to fighting the threats posed by modern computing environments. Based on the requirements of the relevant national and international standards and criteria, in combination with our experience in the design and development of the ANSHENG v4.0 secure operating system with a high security level (hereafter simply referred to as ANSHENG OS), this paper addresses the following key issues in the design of secure operating systems with high security levels: security architecture, security policy models, and covert channel analysis. The design principles of the security architecture and three basic security models, namely the confidentiality, integrity, and privilege control models, are discussed in turn. Three novel security models and a new security architecture are proposed. The prominent features of these proposals, as well as their application to the ANSHENG OS, are elaborated. Covert channel analysis (CCA) is a well-known hard problem in the design of secure operating systems with high security levels, since to date it has lacked a sound theoretical basis and a systematic analysis approach. In order to resolve the fundamental difficulties of CCA, we have set up a sound theoretical basis for the completeness of covert channel identification, and have proposed a unified framework for covert channel identification together with an efficient backward tracking search method. The successful application of our new proposals to the ANSHENG OS has shown that they can help ease and speed up the entire CCA process.
Abstract: A view in object oriented databases corresponds to a virtual schema with restructured generalization and decomposition hierarchies. A number of view creation methodologies have been proposed. A major drawback of existing methodologies is that they do not maintain the closure property. That is, the result of a query does not have the same semantics as embodied in the object oriented data model. Therefore, this paper presents a view creation methodology that derives a class in response to a user's query, integrates the derived class in the global schema (i.e., considers the problem of classes moving in the class hierarchy), and selects the required classes from the global schema to create the view for the user's query. The novel ideas of this view creation include: (a) an object algebra for class derivation and customization (where the derived classes are studied in terms of object instances and procedures/methods), (b) maintenance of the closure property, and (c) a classification algorithm which provides a mechanism to deal with the problem of a class moving in a class hierarchy.
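The first abstract names covert channel identification as the hard part of CCA and claims completeness for its own framework and backward tracking search, neither of which is reproduced on this page. As an added illustration (not code from the ANSHENG paper, nor from either listed paper), the following Python applies the classic shared resource matrix (SRM) method to a constructed toy kernel interface: each primitive is tagged with the shared attributes its caller-visible result depends on and the attributes it modifies, the direct attribute-to-attribute flows are closed transitively, and every (written attribute, observed attribute) pair with both a writer and a reader is reported as a candidate storage channel. The primitive set, attribute names and the `PRIVILEGED` set are assumptions for the example; the final filter shows where the privilege control model, rather than the confidentiality lattice, closes a channel.

```python
"""Covert storage-channel identification with a shared resource matrix (SRM).

Added illustration for this listing; it is NOT code from the ANSHENG paper and
does not reproduce that paper's identification framework or backward tracking
search.  It applies the classic SRM approach to a constructed toy kernel
interface.
"""
from collections import deque

# Constructed toy kernel interface (an assumption for the example, not a real
# OS).  For each primitive: "refs" are the shared attributes on which the
# caller-visible result depends, "mods" are the attributes it changes.
PRIMITIVES = {
    "create_file": {"refs": {"file_exists", "disk_free"},
                    "mods": {"file_exists", "disk_free"}},
    "delete_file": {"refs": {"file_exists"},
                    "mods": {"file_exists", "disk_free"}},
    "write_file":  {"refs": {"file_exists", "disk_free"},
                    "mods": {"file_size", "disk_free"}},
    "stat_file":   {"refs": {"file_exists", "file_size"}, "mods": set()},
    "statfs":      {"refs": {"disk_free"}, "mods": set()},
    "fork":        {"refs": {"pid_counter"}, "mods": {"pid_counter"}},
    "set_clock":   {"refs": set(), "mods": {"clock"}},
    "get_clock":   {"refs": {"clock"}, "mods": set()},
}

# Primitives the (assumed) privilege-control policy reserves for the TCB or
# administrator; an unprivileged high-level subject cannot use them as a sender.
PRIVILEGED = {"set_clock"}


def shared_resource_matrix(prims):
    """Map attribute -> {"R": primitives referencing it, "M": primitives modifying it}."""
    srm = {}
    for name, p in prims.items():
        for attr in p["refs"]:
            srm.setdefault(attr, {"R": set(), "M": set()})["R"].add(name)
        for attr in p["mods"]:
            srm.setdefault(attr, {"R": set(), "M": set()})["M"].add(name)
    return srm


def attribute_flows(prims):
    """Direct flows a -> b: some primitive reads a and, depending on it, modifies b."""
    flows = {}
    for p in prims.values():
        for src in p["refs"]:
            flows.setdefault(src, set()).update(p["mods"] - {src})
    return flows


def reachable(flows, start):
    """Transitive closure of the flow relation from one attribute (BFS); includes start."""
    seen, queue = {start}, deque([start])
    while queue:
        cur = queue.popleft()
        for nxt in flows.get(cur, ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def storage_channels(prims):
    """Candidate storage channels keyed by (written attribute, observed attribute).

    A sender primitive writes `written`; its value flows, possibly through other
    primitives, into `observed`; a receiver primitive's visible result depends on
    `observed`.  Each value is (sender primitives, receiver primitives).
    """
    srm = shared_resource_matrix(prims)
    flows = attribute_flows(prims)
    channels = {}
    for written, entry in srm.items():
        if not entry["M"]:
            continue
        for observed in reachable(flows, written):
            readers = srm[observed]["R"]
            if readers:
                channels[(written, observed)] = (set(entry["M"]), set(readers))
    return channels


def exploitable(channels, privileged):
    """Drop channels whose only senders are privileged primitives: the
    privilege-control policy, not the confidentiality lattice, closes those."""
    return {key: (senders - privileged, receivers)
            for key, (senders, receivers) in channels.items()
            if senders - privileged}


if __name__ == "__main__":
    found = storage_channels(PRIMITIVES)
    usable = exploitable(found, PRIVILEGED)
    for (w, o), (s, r) in sorted(usable.items()):
        print(f"{w:12} -> {o:12}  senders={sorted(s)}  receivers={sorted(r)}")
```

Two things the run makes visible that the abstract only asserts. First, even eight primitives over five attributes yield nine candidate pairs, and the transitive closure is what turns a single `file_exists` write into an observation through `stat_file`'s `file_size`; the enumeration is only as complete as the attribute model, which is exactly the completeness problem the paper attacks. Second, the `clock` channel disappears once `set_clock` is marked privileged, so a candidate from the matrix is a real channel only if some high subject may invoke a sender under the privilege control model and some low subject a receiver. Timing channels are outside the SRM as modelled here, and every remaining candidate still needs bandwidth estimation before it is accepted or audited.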