ISSN 1000-1239 CN 11-1777/TP

• Paper • Previous Articles     Next Articles

A Practical Dynamic Integrity Protection Model

Yang Tao1,2, Wang Yonggang3, Tang Liyong2, Kong Lingbo4, Hu Jianbin2, and Chen Zhong2   

  1. 1(School of Life Sciences, Tsinghua University, Beijing 100084) 2(School of Electronics Engineering and Computer Science, Peking University, Beijing, 100871) 3(National Computer Emergency Response Team and Coordination Center of China, Beijing 100029) 4(School of Software Engineering, Beijing Jiaotong University, Beijing 100044)
  • Online:2013-10-15

Abstract: Since the integrity policy model has been proposed, its maturity has always been lower than that of the confidentiality policy model. The restriction is due to integrity level dividing and usability. In this paper, different kinds of integrity models are summarized from the point of practicability with their characteristics concluded. Based on the previous discussion, this paper presents a practical dynamic integrity protection model called DMIP. It simplifies the intricacy of integrity level dividing and solves the existing problems on practicability of current integrity models especially for Linux. The DMIP is designed to preserve the integrity of system from potential network-based attacks and local malicious files. From the usability of Linux, DMIP improves the current integrity protection models. The paper also shows the invariant and constraint of DMIP model and provides formalization proof in theory.

Key words: integrity policy, formal model, dynamic integrity level, usable integrity, dynamic integrity protection model (DMIP)