| 有效防御可执行恶意代码的访问控制模型 |
| |
| 引用本文: | 谭清,韩臻. 有效防御可执行恶意代码的访问控制模型[J]. 计算机工程, 2008, 34(16): 168-170 |
| |
| 作者姓名: | 谭清 韩臻 |
| |
| 作者单位: | 北京交通大学计算机信息与技术学院,北京,100044 |
| |
| 基金项目: | 国家"973"计划基金资助项目 |
| |
| 摘 要: | 可执行恶意代码严重危害操作系统的安全,它通过进程实现对系统造成危害,能否控制进程的安全是可执行恶意代码防御中的关键问题。该文以安全操作系统的访问控制思想为基础,根据可信计算的思想和原则,提出一个防御可执行恶意代码体系中的URPP访问控制模型。该模型以进程作为核心,对进程启动进行可信度量以及最小权限的约束。实践证明,URPP模型能够有效地抑制可执行恶意代码对系统造成的危害。
|
| 关 键 词: | 可执行恶意代码 URPP访问控制模型 基于角色的访问控制 可信度量 |
| 修稿时间: | |
Access Control Model of Defending Operating System Against Executable Malicious Code Effectively |
| |
| TAN Qing,HAN Zhen. Access Control Model of Defending Operating System Against Executable Malicious Code Effectively[J]. Computer Engineering, 2008, 34(16): 168-170 |
| |
| Authors: | TAN Qing HAN Zhen |
| |
| Affiliation: | (School of Computer Information and Technology, Beijing Jiaotong University, Beijing 100044) |
| |
| Abstract: | The harm which is done by executable malicious codes through controlling the processes becomes more and more severe to operating systems. So ensuring the security of process is the key to the operating system security. Based on theory and conception of secure operating system and trusted computing, an access control model named URPP is shown, which can defend operating system against the harm done by executable malicious code. URPP takes the process as a core element, measures the reliability and restricts the minimized privilege to the initializing processes. The URPP model applied to operating system security reinforces production successfully, and defends operating system against the executable malicious code effectively. |
| |
| Keywords: | executable malicious code URPP access control model role-based access control trust measurement |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载免费的PDF全文 |
