Dissertation > Excellent graduate degree dissertation topics show

Research on Function Isolation Mechanism of Secure Operating System

Author: TangLing
Tutor: GongYuChang
School: University of Science and Technology of China
Course: Computer Applications
Keywords: secure operating system safety critical operating system function isolation secure architecture Servant/Exe-Flow Model
CLC: TP393.08
Type: PhD thesis
Year: 2007
Downloads: 344
Quote: 5
Read: Download Dissertation

Abstract


With the widespread application of computer technology and the rapid development of network technology, information security has become a serious problem concerned with all fields in society. As the base of security of information system, the security of operating system has spontaneously become a hotspot in academia. The research of secure operating system has entered a fast developing period. At the same time, the means of attacking on system has been increased, and the technology of attacking has been enhanced, thereby the research work of secure operating system has been challenged continually. In order to meet this austere challenge, this thesis resolutely chooses the security of operating system which is a difficult subject as its research direction.This thesis regards a new secure operating system supporting function isolation as research object, main research objects including:1. First, the theory and the technology concerned with secure operating system, including secure control technology, secure policy, secure model, typical secure and safety critical operating system, are systematically and deeply discussed and analyzed. The limitation of existing technology concerning the security of operating system is explained, and the further way of the technology is clarified;2. Because the CASP secure architecture brought by our lab is one of the base of this thesis research, the secure architecture is described in detail. The describing content includes the component and working flow of CASP, secure server, capability server and security implement mechanism, etc. And the characteristic and the virtue of CASP are also analyzed.3. The idea of function isolation and its application in secure operating system is put forward. Based on function isolation a new type of three layer secure architecture called FI-CASP is designed and described amply, including the concept and the definition concerned with function isolation, the composition and the working flow of FI-CASP, the working manner of function isolation server, the interface and the algorithm of function dividing, the component of isolation managing server and the technology of function isolation based on process and address space.4. As an example of realization of function isolation in fashionable component operating system, the function isolation is carried out in an operation system based on Servant/Exe-Flow Model. The interface of message, the function dividing server and the isolation managing server are designed in detail.5. The performance of function isolation is analyzed and evaluated. The performance of three kinds of isolation mechanisms are compared, the influence of function isolation mechanism to system efficiency is analyzed.The new contributions which are character of innovation in this thesis are as follows:1. After analyzing the limitation of existing time and space isolation technology, the new idea of realization of function isolation in secure operating system is put forward, and the algorithm of function dividing and the technology of function isolation are designed, the feasibility of function isolation is proved.2. A three layer secure architecture supporting function isolation called FI-CASP is brought out and described in detail. It is proved that FI-CASP is a model with great security, clear architecture, well flexibility and well usability, especially FI-CASP is suitable for fashionable component operating system.3. Function isolation is put into practice in a secure operating system with the named IS-Minicore which is based on Servant/Exe-Flow Model and is noted for typical character of component operating system, and the feasibility of FI-CASP architecture is validated.Integrating function isolation with the merits of existing advanced secure architecture, FI-CASP itself is provided with great secure performance which especially fits for the application fields which demands advanced security such as military aspect.

Related Dissertations

  1. Role-based access control mechanism independent Research and Implementation,TP316
  2. Study on Analysis Tools for SELinux Security Policy,TP393.08
  3. Design and Implementation of Embedded Real-Time Operating System Partition Mechanism,TP368.1
  4. Method for Analyzing Security Policies of SELinux,TP393.08
  5. Research and design of security audit subsystem of the operating system,TP393.08
  6. Automatic Analysis of Covert Channel Based on Source Codes of Linux Kernel,TP309
  7. Design and Application Research of Secure Operating System Hybrid Multiple Policy Model,TP393.08
  8. Access control policy language research and design,TP393.08
  9. Study on Tools of SELinux Policy Configuration,TP393.08
  10. Simple operating system security research and design,TP393.08
  11. Linux security enhancement technology research and,TP316.81
  12. Secure Operating System Based on LINUX,TP316.81
  13. A Review of Secure Operating System and Its Realizing Technology,TP316
  14. Research and Design of the Audit System in a 4~(th) Security Operating System,TP316
  15. Virtual Threads Architecture Basd on Network Gateway Operating System,TP316
  16. Research on Encrypted File System and Trusted Recovery of Secure Operating System,TP309
  17. Research and Implementation on Trusted Authorization Techniques in Secure Operating System,TP316
  18. Research of Access Control Technology on Role-Based Authorization,TP393.08
  19. Research and Realization on Dispatching System of Software-bus,TP273.5
  20. Ice-induced Vibration of Conical Structure and Design of Vibration Isolated Cone,P752
  21. Study of Intrusion Prevention-in-depth System,TP393.08

CLC: > Industrial Technology > Automation technology,computer technology > Computing technology,computer technology > Computer applications > Computer network > General issues > Computer Network Security
© 2012 www.DissertationTopic.Net  Mobile