1. 种灵活的强制完整性访问控制策略.
- Author
-
XU Feng, WEI Li-feng, and ZHANG Guo-yin
- Abstract
Integrity protection is an important content of computer security. Most of security OSes supported integrity protection mechanism, but integrity also may be destructed, and the protection mechanism is not flexible enough. Based on the principle of integrity protection, FIC (Flexible Integrity Control) policy is proposed and implemented under LSM (Linux Security Module). Integrity level and integrity auxiliary level is defined. FIC defines many rules including access control rules, process re-label rules and new objects labeled rules, FIC policy can protect system's integrity and process executions flexible integrity protection. Implementation effect is analyzed. Scalable requirement is pointed out. [ABSTRACT FROM AUTHOR]
- Published
- 2014
- Full Text
- View/download PDF