Title
Design of secure operating systems with high security levels
Abstract
Numerous Internet security incidents have shown that support from secure operating systems is paramount to fighting threats posed by modern computing environments. Based on the requirements of the relevant national and international standards and criteria, in combination with our experience in the design and development of the ANSHENG v4.0 secure operating system with high security level (hereafter simply referred to as ANSHENG OS), this paper addresses the following key issues in the design of secure operating systems with high security levels: security architecture, security policy models, and covert channel analysis. The design principles of security architecture and three basic security models (confidentiality, integrity, and privilege control models) are discussed, respectively. Three novel security models and a new security architecture are proposed. The prominent features of these proposals, as well as their applications to the ANSHENG OS, are elaborated. Covert channel analysis (CCA) is a well-known hard problem in the design of secure operating systems with high security levels since to date it lacks a sound theoretical basis and systematic analysis approach. In order to resolve the fundamental difficulties of CCA, we have set up a sound theoretical basis for completeness of covert channel identification and have proposed a unified framework for covert channel identification and an efficient backward tracking search method. The successful application of our new proposals to the ANSHENG OS has shown that it can help ease and speed up the entire CCA process.
Year: 2007
DOI: 10.1007/s11432-007-0028-3
Venue: Science in China Series F: Information Sciences
Keywords: secure operating systems with high security levels, security model, covert channel analysis, architecture, internet security, covert channel, security architecture, security policy, internal standard
Field: Security convergence, Security testing, Security through obscurity, Computer security, Covert channel, Security service, Cloud computing security, Security information and event management, Mathematics, Operating system, Computer security model
DocType: Journal
Volume: 50
Issue: 03
ISSN: 1862-2836
Citations: 2
PageRank: 0.36
References: 15
Authors: 2
Name: Sihan Qing; Order: 1; Citations: 620; PageRank: 91.02
Name: Changxiang Shen; Order: 2; Citations: 127; PageRank: 14.57