METHOD FOR ILLEGAL PRIVILEGE FLOW PREVENTION AND MANDATORY ACCESS CONTROL USING THE STATE TRANSITION MODEL OF SECURITY ROLE IN Unix/Linux SYSTEM
Abstract
A method for blocking illegal privilege transfer and enforcing mandatory access control by using a security role state transition model in a Unix/Linux system is provided. It enforces access control at the kernel level by setting security properties and applying a modified MLS (Multi-Level Security) policy to a user and a file system. A user security property setting part (101) sets, modifies, and deletes user security properties, and stores the set user security properties in a user security property database. A file system security property setting part (102) sets, modifies, and deletes file system security properties, and stores the set file system security properties in a file system security property database. A system call controller (103) intercepts system calls related to access control. A security role transition state setting/controlling part builds a process security property table, including a process security role state, from the user security property database when the process related to the intercepted system call is generated. A security role access controller determines permission, refusal, or comparison by comparing the security role states in the process and file system security property tables, and transfers the event determined by the comparison to a forcible access controller.