STBAC:一种新的操作系统访问控制模型

STBAC:一种新的操作系统访问控制模型

单智勇石文昌

(中国人民大学信息学院北京 100872) (教育部数据工程与知识工程重点实验室北京 100872) (中国人民大学系统与信息安全研究实验室北京 100872)(shanzhiyong@ruc.edu.cn)

出版日期: 2008-05-15

STBAC: A New Access Control Model for Operating System

Shan Zhiyong and Shi Wenchang

(School of Information, Renmin University of China, Beijing 100872) (Key Laboratory of Data Engineering & Knowledge Engineering, MOE, Beijing 100872) (Systems & Information Security Research Laboratory, Renmin University of China, Beijing 100872)

Online: 2008-05-15

摘要/Abstract

摘要： 现代操作系统的主要威胁来自网络，传统访问控制机制在这方面尚有不足.提出一种应用于操作系统的访问控制模型——STBAC，可以有效防御网络攻击，并保持较好的兼容性和易用性.即使系统被攻破，STBAC模型仍然能保护关键资源，使入侵者无法达到真正的破坏目的.STBAC模型以进行过不可信远程通信的进程为可疑感染的起点，依据感染规则追踪可疑感染进程及其子进程在内核中的活动，依据保护规则禁止可疑感染进程非法访问关键资源，以防止系统关键资源遭到破坏.对原型系统的测试表明，STBAC模型在不明显影响系统兼容性和性能的前提下，可以有效地保护系统安全.

关键词: 操作系统, 访问控制, 信息流, 安全性, 可疑感染

Abstract: With the rapid development and increasing use of network, threats to modern operating systems mostly come from network, such as buffer overflows, viruses, worms, Trojans, DOS, etc. On the other hand, as computers, especially PCs, become cheaper and easier to use, people prefer to use computers exclusively and share information through network. The traditional access control mechanisms, however, can not deal with them in a smart way. Traditional DAC in OS alone cannot defeat network attacks well. Traditional MAC is effective in maintaining security, but it has problems of application incompatibility and administration complexity. To this end, a new access control model named STBAC for operating system is proposed which can defeat attacks from network while maintaining good compatibility, simplicity and performance. Even in the cases when some processes are subverted, STBAC can still protect vital resources, so that the intruder cannot reach his／her final goal. STBAC regards processes that have done nontrustablecommunication as starting points of suspicious taint, traces the activities of the suspiciously tainted processes and their child processes by taint rules, and forbids the suspiciously tainted processes to illegally access vital resources by protection rules. The tests on the STBAC prototype show that it can protect system security effectively without imposing heavy compatibility and performance impact upon operating system.

Key words: operating system, access control, information flow, security, suspicious taint

单智勇石文昌. STBAC:一种新的操作系统访问控制模型[J]. .

Shan Zhiyong and Shi Wenchang. STBAC: A New Access Control Model for Operating System[J]. .

	作者相关文章
	单智勇石文昌

[1]	蔡涛, 王杰, 牛德姣, 刘佩瑶, 陈福丽. 基于冲突检测的高吞吐NVM存储系统[J]. 计算机研究与发展, 2020, 57(2): 257-268.
[2]	冯涛, 王帅帅, 龚翔, 方君丽. 工业以太网EtherCAT协议形式化安全评估及改进[J]. 计算机研究与发展, 2020, 57(11): 2312-2327.
[3]	陈明. 后量子前向安全的可组合认证密钥交换方案[J]. 计算机研究与发展, 2020, 57(10): 2158-2176.
[4]	张磊,杨哲慜,李明琪,杨珉. TipTracer:基于安全提示的安卓应用通用漏洞检测框架[J]. 计算机研究与发展, 2019, 56(11): 2315-2329.
[5]	纪守领,李进锋,杜天宇,李博. 机器学习模型可解释性方法、应用与安全研究综述[J]. 计算机研究与发展, 2019, 56(10): 2071-2096.
[6]	王悦,樊凯. 隐藏访问策略的高效CP-ABE方案[J]. 计算机研究与发展, 2019, 56(10): 2151-2159.
[7]	杜瑞忠,刘妍,田俊峰. 物联网中基于智能合约的访问控制方法[J]. 计算机研究与发展, 2019, 56(10): 2287-2298.
[8]	戴华东,易晓东,王彦臻,王之元,杨学军. 可持续自主学习的micROS机器人操作系统平行学习架构[J]. 计算机研究与发展, 2019, 56(1): 49-57.
[9]	吴松，王坤，金海. 操作系统虚拟化的研究现状与展望[J]. 计算机研究与发展, 2019, 56(1): 58-68.
[10]	曹珍富. 信息安全的新发展——为《计算机研究与发展》创刊六十周年而作[J]. 计算机研究与发展, 2019, 56(1): 131-137.
[11]	曹彦，黄志球，阚双龙，彭焕峰，柯昌博. 位置约束的访问控制模型及验证方法[J]. 计算机研究与发展, 2018, 55(8): 1809-1825.
[12]	王亚文,郭云飞,刘文彦,扈红超,霍树民,程国振. 面向云工作流安全的任务调度方法[J]. 计算机研究与发展, 2018, 55(6): 1180-1189.
[13]	王光波,刘海涛,王晨露,王鹏程,练琳,惠文涛. 云存储环境下可撤销属性加密[J]. 计算机研究与发展, 2018, 55(6): 1190-1200.
[14]	高瞻瞻,汤光明,王硕. 基于贝叶斯网络模型和矩阵嵌入的VoIP隐写算法[J]. 计算机研究与发展, 2018, 55(4): 854-863.
[15]	王丽娜，王凯歌，徐一波，唐奔宵，谭选择. 基于残差共生概率的隐写图像载体安全性评价[J]. 计算机研究与发展, 2018, 55(12): 2664-2673.