可信路径的设计与实现

可信路径为用户提供一种途径来鉴别系统,确认所交互的系统没有被篡改,从而防止特洛伊木马之类的恶意代码窃取口令或截取会话。本论针对Unix类操作系统提出了一种可信路径的完整设计,它包括可信登录和可信会话两部分,每一部分又分为控制台界面和图形界面两种情形。本文还从可信路径角度把系统划分为四个状态,并描述了它们之间的转换关系,而安全注意键则是导致状态转换的操作。基于这些转换关系可以更加容易把设计映射到实际的系统。最后,基于FreeBSD操作系统实现了安全注意键以唤醒用户与系统之间的可信路径。通过可信路径,FreeBSD能够为用户提供一个更加安全的操作环境。

Design and Implementation of Trusted Paths

The trusted path provides a way for users to authenticate computer systems so that they are assured the systems are not tampered and malicious code such as Trojan Horses couldn't steal their passwords or intercept their sessions.The paper first puts forward a complete design of trusted paths,which aims at Unix-like operating systems and consists of two parts: trusted login and trusted session,and both parts should handle the situations of console interface and graphical interface respectively.And also in accordance with the trusted path,an operating system is divided into four states and a secure attention key will lead to state transitions.With the relation of these states,the design can be more easily mapped into real operating systems.And then the paper gives an implementation through a secure attention key which invokes a trusted path between the user and the system in the FreeBSD operating system.With the trusted paths,FreeBSD can provide a much more secure operating environment for its users.