| Windows下基于主机的访问控制研究与实现 |
| |
| 引用本文: | 李胜先
,王全德
,陈义
,李祥和.Windows下基于主机的访问控制研究与实现[J].微计算机信息,2005(23). |
| |
| 作者姓名: | 李胜先 王全德 陈义 李祥和 |
| |
| 作者单位: | 郑州解放军信息工程大学信息工程学院 450002 |
| |
| 基金项目: | 河南省科技局科技攻关计划项目,编号:SP200402089 |
| |
| 摘 要: | 针对目前的主机安全现状,提出了一种称之为WHIPS(Windows下的主机入侵防御系统)的主机访问控制系统,它能够对操作系统安全起至关重要作用的系统调用进行控制。WHIPS是作为一个内核驱动而实现的,也称之为内核模块,它完全使用的是Windows内核的未文档化结构,不要求对内核数据结构和算法进行修改。WHIPS对应用程序进程是完全透明的,应用程序进程的源代码不用进行任何修改和重新进行编译就可以继续正确工作。
|
| 关 键 词: | 访问控制 特权进程 关键系统调用 本机系统服务API 系统调用截获 |
Reserch And Implementation Of Host Access Control For Windows |
| |
| Li,ShengxianWang,QuandeChen,YiLi,Xianghe.Reserch And Implementation Of Host Access Control For Windows[J].Control & Automation,2005(23). |
| |
| Authors: | Li ShengxianWang QuandeChen YiLi Xianghe |
| |
| Abstract: | Presently, aiming at the host security, The paper propose an access control system based on host. called WHIPS that controls the invocation of all the system calls critical for the security of Windows OS. WHIPS is implemented as a kernel driver, also called kernel module. using undocumented structures of the Windows kernel, where it is integrate without requiring changes in the kernel data structures and algorithms. WHIPS is also transparent to the application processes that continue to work correctly with no need of source code change or recompilation. |
| |
| Keywords: | Access control Privileged processes Critical system call Native API System call interception |
| 本文献已被 CNKI 等数据库收录! |
|
