A flexible mandatory integrity access control policy

J4 ›› 2014, Vol. 36 ›› Issue (05): 836-841.

• 论文 • Previous Articles Next Articles

A flexible mandatory integrity access control policy

XU Feng1,WEI Lifeng2,ZHANG Guoyin1

（1.College of Computer Science and Technology,Harbin Engineering University,Harbin 150001;
2.College of Computer,National University of Defense Technology,Changsha 410073,China）

Received:2013-08-02 Revised:2014-01-20 Online:2014-05-25 Published:2014-05-25

Abstract

Abstract:

Integrity protection is an important content of computer security. Most of security OSes supported integrity protection mechanism, but integrity also may be destructed, and the protection mechanism is not flexible enough. Based on the principle of integrity protection, FIC (Flexible Integrity Control) policy is proposed and implemented under LSM (Linux Security Module). Integrity level and integrity auxiliary level is defined, FIC defines many rules including access control rules, process relabel rules and new objects labeled rules, FIC policy can protect system's integrity and process execution's flexible integrity protection. Implementation effect is analyzed, scalable requirement is pointed out.

Key words: integrity;access control;security OS;Linux security module(LSM)

XU Feng1,WEI Lifeng2,ZHANG Guoyin1. A flexible mandatory integrity access control policy [J]. J4, 2014, 36(05): 836-841.

A flexible mandatory integrity access control policy

PDF

Knowledge

Abstract

Cite this article

share this article

Related Articles 0

Recommended Articles

Metrics

Comments