Abstract | ||
---|---|---|
Numerous Internet security incidents have shown that support from secure operating systems is paramount to fighting threats
posed by modern computing environments. Based on the requirements of the relevant national and international standards and
criteria, in combination with our experience in the design and development of the ANSHENG v4.0 secure operating system with
high security level (hereafter simply referred to as ANSHENG OS), this paper addresses the following key issues in the design
of secure operating systems with high security levels: security architecture, security policy models, and covert channel analysis.
The design principles of security architecture and three basic security models: confidentiality, integrity, and privilege
control models are discussed, respectively. Three novel security models and new security architecture are proposed. The prominent
features of these proposals, as well as their applications to the ANSHENG OS, are elaborated. Cover channel analysis (CCA)
is a well-known hard problem in the design of secure operating systems with high security levels since to date it lacks a
sound theoretical basis and systematic analysis approach. In order to resolve the fundamental difficulties of CCA, we have
set up a sound theoretical basis for completeness of covert channel identification and have proposed a unified framework for
covert channel identification and an efficient backward tracking search method. The successful application of our new proposals
to the ANSHENG OS has shown that it can help ease and speedup the entire CCA process. |
Year | DOI | Venue |
---|---|---|
2007 | 10.1007/s11432-007-0028-3 | Science in China Series F: Information Sciences |
Keywords | Field | DocType |
secure operating systems with high security levels,security model,covert channel analysis,architecture,internet security,covert channel,security architecture,security policy,internal standard | Security convergence,Security testing,Security through obscurity,Computer security,Covert channel,Security service,Cloud computing security,Security information and event management,Mathematics,Operating system,Computer security model | Journal |
Volume | Issue | ISSN |
50 | 03 | 1862-2836 |
Citations | PageRank | References |
2 | 0.36 | 15 |
Authors | ||
2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Sihan Qing | 1 | 620 | 91.02 |
Changxiang Shen | 2 | 127 | 14.57 |