基于Linux的嵌入式操作系统内核级安全的研究
|
摘要
随着嵌入式系统的广泛应用以及网络技术的飞速发展,安全性也显得越来越重要。嵌入式操作系统在嵌入式系统中占有很重要的地位,特别是对增强嵌入式系统的安全性方面,操作系统具有核心性的地位。
本文指出了嵌入式操作系统与通用操作系统的不同,分析了安全操作系统的结构、安全功能和开发方法,确定采用改进/增强法实现嵌入式Linux操作系统内核级的安全。
本文分析了Linux内核特征以及Linux的核心数据结构。结合嵌入式操作系统以及安全操作系统的特点和要求,对Linux操作系统的安全性加以分析,并按照安全标准的要求,在Linux内核中加入了强制访问控制机制,来增强嵌入式操作系统的安全性。强制访问控制机制主要用来阻止特洛伊木马对计算机系统的恶意攻击和破坏。
本文还实现了内核级的审计机制。其实现是将Linux操作系统原应用程序级的审计机制改进为内核级的审计方法,这样避免了某些可绕过应用程序级审计的恶意代码对系统进行攻击而无法进行事后追踪。
With the widely use of embedded system and rapid development of network technology, security was becoming more and more important to embedded system. Embedded operating system was so important to embedded system that its security was important.
The difference between the embedded operating system and the general operating system was pointed out, the structure and the security function and the method of the secure operating system were analyzed in the article. The improvement- enhancement method was used to realize the kernel security of the embedded Linux operating system.
The characteristic of the Linux kernel and the main data structure of the Linux were analyzed. The security of the Linux was analyzed, and the characteristic and the necessary of the embedded operating system and the secure operating system were considered. The mandatory access control mechanism in the Linux kernel according to the security criterion was completed, which was to enhance the security of the embedded operating system. The mandatory access control mechanism was mainly used to protect the computer system against the attacking and the destruction from the Trojan horse.
The audit mechanism was realized in the kernel. The audit mechanism that was realized at application procedure level in the Linux original was completed at the kernel. That was to avoid some vicious code that could escape from the original audit mechanism attacking the system, and made a record of the attacking.
本文指出了嵌入式操作系统与通用操作系统的不同,分析了安全操作系统的结构、安全功能和开发方法,确定采用改进/增强法实现嵌入式Linux操作系统内核级的安全。
本文分析了Linux内核特征以及Linux的核心数据结构。结合嵌入式操作系统以及安全操作系统的特点和要求,对Linux操作系统的安全性加以分析,并按照安全标准的要求,在Linux内核中加入了强制访问控制机制,来增强嵌入式操作系统的安全性。强制访问控制机制主要用来阻止特洛伊木马对计算机系统的恶意攻击和破坏。
本文还实现了内核级的审计机制。其实现是将Linux操作系统原应用程序级的审计机制改进为内核级的审计方法,这样避免了某些可绕过应用程序级审计的恶意代码对系统进行攻击而无法进行事后追踪。
With the widely use of embedded system and rapid development of network technology, security was becoming more and more important to embedded system. Embedded operating system was so important to embedded system that its security was important.
The difference between the embedded operating system and the general operating system was pointed out, the structure and the security function and the method of the secure operating system were analyzed in the article. The improvement- enhancement method was used to realize the kernel security of the embedded Linux operating system.
The characteristic of the Linux kernel and the main data structure of the Linux were analyzed. The security of the Linux was analyzed, and the characteristic and the necessary of the embedded operating system and the secure operating system were considered. The mandatory access control mechanism in the Linux kernel according to the security criterion was completed, which was to enhance the security of the embedded operating system. The mandatory access control mechanism was mainly used to protect the computer system against the attacking and the destruction from the Trojan horse.
The audit mechanism was realized in the kernel. The audit mechanism that was realized at application procedure level in the Linux original was completed at the kernel. That was to avoid some vicious code that could escape from the original audit mechanism attacking the system, and made a record of the attacking.
引文
[1] 石文昌,孙玉芳.安全操作系统研究的发展(上).计算机科学.2002,29(6):5-12页
[2] 石文昌,孙玉芳.安全操作系统研究的发展(下).计算机科学.2002,29(7):9-13页
[3] 刘海峰,卿斯汉,刘文清.安全操作系统审计的设计与实现.计算机研究与发展.2001,38(10):1262-1268页
[4] 李军,孙玉芳.计算机安全和安全模型.计算机研究与发展.1996,33(4):313-320页
[5] 石文昌,孙玉芳,梁洪亮等.安全Linux内核安全功能的设计与实现.计算机研究与发展.2001,38(10):1255-1261页
[6] 胡希明,毛德操.Linux内核源代码情景分析(上、下).浙江大学出版社,2001
[7] P. Kocher, R. Lee, G. McGraw, A. Raghunathan and S. Ravi. Security as a New Dimension in Embedded System Design. Design Automation Conference, 41st Conference on (DAC'04), 2004:753-760P
[8] 陈莉君.深入分析Linux内核源代码.人民邮电出版社,2002:4-5页,99-108页,292-315页
[9] O. Oragnick. The Multics System: An Examination of its Structure. MIT Press, Cambridge, MA, USA, 1972
[10] 中华人民共和闺公共安全行业标准.计算机信息系统安全等级保护操作系统技术要求.GA/T 388-2002
[11] 刘瑜,袁宏春.BLP安全模型在Linux系统增强中的应用与实现.计算机应用.2004,24(7):105-107页
[12] 须文波,欧爱辉,张星烨.Linux安全操作系统的设计与实现.计算机与现代化.2003:15-17页
[13] 俞佳.安全操作系统的设计方法.信息系统工程.1996,9(4):41-44页
[14] Choudhary A. R. Security-auditing in a softswitch. Information??Assurance Workshop, IEEE Systems, Man and Cybernetics Society, 2003:292-293P
[15] 贾春福,徐伟,郑辉.Linux系统内核级安全审计方法研究.计算机工程与应用.2002:53-55页
[16] 王成,刘金刚.基于LinUX的嵌入式操作系统的研究现状及发展展望.微型机与应用.2004:4-6页
[17] R. S. Sandhu, Pierrangela Samarati. Access Control: Principle and Practice. IEEE Communications, 1994,32(9):40-48P
[18] 付志峰,张焕国.SELinux中访问控制机制的分析.计算机工程.2003,29(14):1-3页
[19] 毛玉萃.安全操作系统中的存取控制.大连大学学报.2004,25(4):60-63页
[20] 吴圣宁,吴海平.嵌入式操作系统规范化内核设计研究.计算机工程.2001,27(3):154-156页
[21] Smith, C.L. Developments in security technology. Malaysian Safety and Security Journal, 1996:9-26P
[22] Smith C.L, Robinson. The Understanding of Security Technology and It' s Applications. IEEE, 1999:26-37P
[23] Barr M. Architecting. Embedded System for Add-on Software Module. Embedded System Conderence, San Jose, CA, 1999
[24] 陈翌,田捷,王金刚.嵌入式软件开发技术.北京:国防工业出版社.2003:1-3页
[25] Trusted Information Systems, Inc. Trusted Mach System Architecture, 1995
[26] David F Ferraiolo, Ravi Sandhu, Serban Gavrila, D Richard Kubn, Ramaswamy Chandramouli. Proposed NIST Standard for Role-Based Access Control. ACM Transactions on Information and System Security, 2001, 4(3):224-274P
[27] D. D. Clark, D. R. Wilson. A Comparison of Commercial and Military Computer Security Policies. In: Proc. of the IEEE Symposium on??Security and Privacy, Oakland, April 1987:184-195P
[28] D. Brewer, M. Nash. The Chinese Wall Security Policy. In: Proc. of IEEE Symposium on Security and Privacy, Oakland, May 1989:206-214P
[29] R. S. Sandu, E. J. Loyne, et al. Role-Based Access Control Models. IEEE Transaction on Computer, 1996,29(2):38-47P
[30] 赵亮,茅兵,谢立.访问控制研究综述.计算机工程.2004,30(2):1-2页,189页
[31] Wright C., Cowan C. Linux Security Modules: General Security Support for the Linux Kernel, 2002
[32] Lo E. C, Marchand M. Security Audit: a case study. IEEE Electrical and Computer Engineering, Canadian, 2004:193-196P
[33] COSIX V2.0安全子系统项目组.COSIX V2.0安全子系统概要设计说明书.DDPDS-OS-SE-V2.0.中国计算机软件与技术服务总公司.1993
[34] 马永光,席亚宾,林永君.基于Linux的嵌入式操作系统的研究.http://www.ccw.com.cn/cio/research/info/htm2003/20031111_11ZBC.asp
[35] Vxworks的介绍. http://www.felab.ustc.edu.cn/luzy/vxworks/vxworks.htm
[36] http://www.wx800.com/msg/2003/08/20/f01123.php
[37] 陈爱民,于康友,管海明.计算机的安全和保密.电子工业出版社,1992.9:146-149页
[38] 李善平等著.Linux内核2.4版源代码分析大全.机械工业出版社,2002
[39] M. Bishop. A Standard Audit Log Format. Proc. of the 1995 National Information Systems Security Conference, Baltimore, Maryland, 1995:136-145P
[40] Naji Habra, Baudouin Le Charlier, Abdelaziz Mounji, Isabelle Mathieu. ASAX: Software Architecture and Rule-Based Language for Universal Audit Trail Analysis. European Sysposium on Research in Computer Security(ESORICS), 1992:435-450P
[2] 石文昌,孙玉芳.安全操作系统研究的发展(下).计算机科学.2002,29(7):9-13页
[3] 刘海峰,卿斯汉,刘文清.安全操作系统审计的设计与实现.计算机研究与发展.2001,38(10):1262-1268页
[4] 李军,孙玉芳.计算机安全和安全模型.计算机研究与发展.1996,33(4):313-320页
[5] 石文昌,孙玉芳,梁洪亮等.安全Linux内核安全功能的设计与实现.计算机研究与发展.2001,38(10):1255-1261页
[6] 胡希明,毛德操.Linux内核源代码情景分析(上、下).浙江大学出版社,2001
[7] P. Kocher, R. Lee, G. McGraw, A. Raghunathan and S. Ravi. Security as a New Dimension in Embedded System Design. Design Automation Conference, 41st Conference on (DAC'04), 2004:753-760P
[8] 陈莉君.深入分析Linux内核源代码.人民邮电出版社,2002:4-5页,99-108页,292-315页
[9] O. Oragnick. The Multics System: An Examination of its Structure. MIT Press, Cambridge, MA, USA, 1972
[10] 中华人民共和闺公共安全行业标准.计算机信息系统安全等级保护操作系统技术要求.GA/T 388-2002
[11] 刘瑜,袁宏春.BLP安全模型在Linux系统增强中的应用与实现.计算机应用.2004,24(7):105-107页
[12] 须文波,欧爱辉,张星烨.Linux安全操作系统的设计与实现.计算机与现代化.2003:15-17页
[13] 俞佳.安全操作系统的设计方法.信息系统工程.1996,9(4):41-44页
[14] Choudhary A. R. Security-auditing in a softswitch. Information??Assurance Workshop, IEEE Systems, Man and Cybernetics Society, 2003:292-293P
[15] 贾春福,徐伟,郑辉.Linux系统内核级安全审计方法研究.计算机工程与应用.2002:53-55页
[16] 王成,刘金刚.基于LinUX的嵌入式操作系统的研究现状及发展展望.微型机与应用.2004:4-6页
[17] R. S. Sandhu, Pierrangela Samarati. Access Control: Principle and Practice. IEEE Communications, 1994,32(9):40-48P
[18] 付志峰,张焕国.SELinux中访问控制机制的分析.计算机工程.2003,29(14):1-3页
[19] 毛玉萃.安全操作系统中的存取控制.大连大学学报.2004,25(4):60-63页
[20] 吴圣宁,吴海平.嵌入式操作系统规范化内核设计研究.计算机工程.2001,27(3):154-156页
[21] Smith, C.L. Developments in security technology. Malaysian Safety and Security Journal, 1996:9-26P
[22] Smith C.L, Robinson. The Understanding of Security Technology and It' s Applications. IEEE, 1999:26-37P
[23] Barr M. Architecting. Embedded System for Add-on Software Module. Embedded System Conderence, San Jose, CA, 1999
[24] 陈翌,田捷,王金刚.嵌入式软件开发技术.北京:国防工业出版社.2003:1-3页
[25] Trusted Information Systems, Inc. Trusted Mach System Architecture, 1995
[26] David F Ferraiolo, Ravi Sandhu, Serban Gavrila, D Richard Kubn, Ramaswamy Chandramouli. Proposed NIST Standard for Role-Based Access Control. ACM Transactions on Information and System Security, 2001, 4(3):224-274P
[27] D. D. Clark, D. R. Wilson. A Comparison of Commercial and Military Computer Security Policies. In: Proc. of the IEEE Symposium on??Security and Privacy, Oakland, April 1987:184-195P
[28] D. Brewer, M. Nash. The Chinese Wall Security Policy. In: Proc. of IEEE Symposium on Security and Privacy, Oakland, May 1989:206-214P
[29] R. S. Sandu, E. J. Loyne, et al. Role-Based Access Control Models. IEEE Transaction on Computer, 1996,29(2):38-47P
[30] 赵亮,茅兵,谢立.访问控制研究综述.计算机工程.2004,30(2):1-2页,189页
[31] Wright C., Cowan C. Linux Security Modules: General Security Support for the Linux Kernel, 2002
[32] Lo E. C, Marchand M. Security Audit: a case study. IEEE Electrical and Computer Engineering, Canadian, 2004:193-196P
[33] COSIX V2.0安全子系统项目组.COSIX V2.0安全子系统概要设计说明书.DDPDS-OS-SE-V2.0.中国计算机软件与技术服务总公司.1993
[34] 马永光,席亚宾,林永君.基于Linux的嵌入式操作系统的研究.http://www.ccw.com.cn/cio/research/info/htm2003/20031111_11ZBC.asp
[35] Vxworks的介绍. http://www.felab.ustc.edu.cn/luzy/vxworks/vxworks.htm
[36] http://www.wx800.com/msg/2003/08/20/f01123.php
[37] 陈爱民,于康友,管海明.计算机的安全和保密.电子工业出版社,1992.9:146-149页
[38] 李善平等著.Linux内核2.4版源代码分析大全.机械工业出版社,2002
[39] M. Bishop. A Standard Audit Log Format. Proc. of the 1995 National Information Systems Security Conference, Baltimore, Maryland, 1995:136-145P
[40] Naji Habra, Baudouin Le Charlier, Abdelaziz Mounji, Isabelle Mathieu. ASAX: Software Architecture and Rule-Based Language for Universal Audit Trail Analysis. European Sysposium on Research in Computer Security(ESORICS), 1992:435-450P