Journal of Computer Applications ›› 2009, Vol. 29 ›› Issue (09): 2319-2322.

• Information Security •

Design and Implementation of an Easy-to-Use Operating System Security Model

Liu Zun (刘尊)1, Li Weihua (李伟华)2, Wang Tao (王涛)2

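  1. School of Computer Science, Northwestern Polytechnical University
  2. School of Computer Science, Northwestern Polytechnical University
  • Received: 2009-03-14 Revised: 2009-04-15 Online: 2009-11-10 Published: 2009-09-01
  • Corresponding author: Liu Zun (刘尊)
  • Supported by:
    National-level fund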

Design and implementation of usable security model for operating system

  • Received:2009-03-14 Revised:2009-04-15 Online:2009-11-10 Published:2009-09-01

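Abstract: This paper proposes and implements USPM, a security model for PC operating systems that provides sufficient security while offering good compatibility and requiring no special configuration before use. With the model, even when the system has been successfully attacked by a hacker, confidential files are not lost and the integrity of critical files is not compromised. USPM ensures system security by restricting the activities of processes that exchange data with remote systems, and it improves usability by defining exception rules that partially permit the access activities of specific processes, striking a balance between security and usability. Tests show that USPM offers good security, relatively low overhead, and very good usability and compatibility.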

Keywords: operating system, security model, security rule, usability, confidentiality, integrity

Abstract: A Usable Security Protected Model (USPM) for operating systems was proposed and implemented. The model provides sufficient security for the operating system with good compatibility and less special configuration. With this model, confidential documents stay secret and important files are protected from damage even after a successful attack. The authors used a rule that limits the activities of processes that communicate with remote systems to ensure the security of the operating system, together with a number of exceptions that permit particular activities of particular processes to improve the usability of the system. A set of tests shows that the model is easy to use and has good security, lower costs and good compatibility.

Key words: operating system, security model, security rule, usability, confidentiality, integrity