关键词: 安全需求, 操作系统, 安全策略, 本体, 访问控制

Abstract: With the increase of operating system security problems, the user’s security requirements toward operating system are increasing constantly, but at present there are few methods to translate user’s security requirements into security policies of current security model. By establishing matching relationship between security attributes and system calls, the security attributes are used as the constraint of authorization in system. An ontology based goal oriented model for the security policy generation of operating system is proposed. The model can support the refinement of security requirements which are described in terms of the white-list, the experience of security analysts will be added to the model. And the translation between users’ security requirements and specific security policies, and the consistency of security policy can be drawn via an OWL reasoner. The feasibility of the method is illustrated by a concrete study case.

Key words: security requirement, operating system, security policy, ontology, access control