Design and Implementation of Linux File Mandatory Access Control

被引：0

作者：

Tian, Liye ^{[1
,2
]}

Rong, Xing ^{[2
,3
]}

Lu, Tingting ^{[3
]}

机构：

[1] Naval Aeronaut & Astronaut Univ, Yantai, Peoples R China

[2] Beijing Univ Technol, Coll Comp Sci & Technol, Beijing, Peoples R China

[3] PLA Informat Engn Univ, Inst Elect Technol, Zhengzhou, Peoples R China

来源：

NETWORK COMPUTING AND INFORMATION SECURITY | 2012年 / 345卷

关键词：

linux security module; virtual filesystem; mandatory access control;

D O I：

暂无

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

To control file access in Linux, Linux Security Module (LSM) and Virtual Filesystem are analyzed. Based on the LSM security field & hooks, a file mandatory access control system is designed and implemented on Linux2.6.26. This system meets GB 17859-1999's requirements by preserving subject and object labels. Kernel hooks are widely used in the system to get labels and judge if an access is legal. In a simplified environment the system is tested, test result shows that the system is able to complete file mandatory access control according to security policy.

引用

页码：15 / +

页数：2

共 50 条

[1] Trusted Platform Based Linux File Access Control
Guo, Guang-liang
Qian, Quan
[J]. CIT/IUCC/DASC/PICOM 2015 IEEE INTERNATIONAL CONFERENCE ON COMPUTER AND INFORMATION TECHNOLOGY - UBIQUITOUS COMPUTING AND COMMUNICATIONS - DEPENDABLE, AUTONOMIC AND SECURE COMPUTING - PERVASIVE INTELLIGENCE AND COMPUTING, 2015, : 1390 - 1395
[2] Design and Implementation of File Access and Control System Based on Dynamic Web
GAO Fuxiang
[J]. Wuhan University Journal of Natural Sciences, 2006, (05) : 1233 - 1237
[3] Design and Implement an Novel File Access Prediction Model in Linux
刘谐
刘心松
杨峰
白英杰
[J]. Journal of Electronic Science and Technology, 2004, (02) : 36 - 41
[4] Implementation of Mandatory Access Control in Distributed Systems
Belim, S. V.
Belim, S. Yu.
[J]. AUTOMATIC CONTROL AND COMPUTER SCIENCES, 2018, 52 (08) : 1124 - 1126
[5] Design and Implementation of Hierarchical File System Based on Embedded Linux
Huang, Xiaobo
Yin, Kegong
Yun, Yonggang
[J]. 2ND INTERNATIONAL SYMPOSIUM ON COMPUTER NETWORK AND MULTIMEDIA TECHNOLOGY (CNMT 2010), VOLS 1 AND 2, 2010, : 629 - 631
[6] The Design and Implementation of Distributed File Access Middleware
Zhang, Buzhong
Jin, Haidong
[J]. DCABES 2008 PROCEEDINGS, VOLS I AND II, 2008, : 89 - +
[7] A Comparative Analysis of Linux Mandatory Access Control Policy Enforcement Mechanisms
Brimhall, Brennon
Garrard, Justin
De La Garza, Christopher
Coffman, Joel
[J]. PROCEEDINGS OF THE 2023 EUROPEAN WORKSHOP ON SYSTEM SECURITY, EUROSEC 2023, 2023, : 1 - 7
[8] Design and implementation of a random access file system for NVRAM
Zhou, Mi
Chen, Xiaogang
Liu, Yang
Li, Shunfen
Li, Gezi
Li, Xiaoyun
Song, Zhitang
[J]. IEICE ELECTRONICS EXPRESS, 2016, 13 (04):
[9] Design and implementation of a file system with on-the-fly data compression for GNU/Linux
Praveen, B
Gupta, D
Moona, R
[J]. SOFTWARE-PRACTICE & EXPERIENCE, 1999, 29 (10): : 863 - 874
[10] RWFS: Design and Implementation of File System Executing Access Control Based on User's Location
Yagi, Yuki
Kitsunezaki, Naofumi
Saito, Hiroki
Tobe, Yoshito
[J]. 2014 20TH IEEE INTERNATIONAL CONFERENCE ON PARALLEL AND DISTRIBUTED SYSTEMS (ICPADS), 2014, : 805 - 810

← 1 2 3 4 5 →