Computer Engineering and Applications ›› 2007, Vol. 43 ›› Issue (33): 127-128.

• 网络、通信与安全 • Previous Articles     Next Articles

Malicious code defending model for open system

CHEN Ze-mao1,LIU Jing-chao1,ZHOU Li-bing1,SHEN Chang-xiang2   

  1. 1.Dept. of Information Security,Naval University of Engineering,Wuhan 430033,China
    2.Naval Institute of Computing Technology,Beijing 100841,China
  • Received:1900-01-01 Revised:1900-01-01 Online:2007-11-21 Published:2007-11-21
  • Contact: CHEN Ze-mao

开放系统的恶意代码防御模型

陈泽茂1,柳景超1,周立兵1,沈昌祥2   

  1. 1.海军工程大学 信息安全系,武汉 430033
    2.海军计算技术研究所,北京 100841
  • 通讯作者: 陈泽茂

Abstract: A malicious code defending model for open system is presented.It divides system into two security domains.One is named the Trusted Domain(TD) and the other is named the Untrusted Domain(UD).TD consists of all labeled objects and all authorized subjects.UD consists of all unlabeled objects and all unauthorized subjects.Rules are defined to regulate subject authorization,object access,and communications between subjects in order to confine low integrity level information in the UD thus to prevent malicious code from entering the TD.To improve system usability,a new security component named the Trusted Integrity Component(TIC) is introduced.The TIC is comprised of the Security Checking Component and the Integrity Upgrading Component.The former inspects security of all objects which are going to enter the TD,the latter upgrades the integrity level of those passed the security inspection and identifies them as members of the TD.

Key words: malicious code defending, integrity model, security model, secure operating system, trusted computing

摘要: 提出了一个适用于开放系统环境的恶意代码防御模型。把系统内部划分为可信域和不可信域,可信域由已标识客体和已授权主体构成,不可信域由未标识客体和未授权主体构成。为把低完整性级别的信息限制在不可信域以防范恶意代码对可信域的渗透和攻击,定义了主体授权规则、客体访问规则和主体通信规则。为使可信域可以安全地同外界进行信息交换,引入了可信完整性部件。可信完整性部件由安全性检查部件和可信度提升部件构成,其中前者对所有要进入可信域的客体进行安全性检查,后者把经检查被认为是安全的客体转移到可信域并提升其完整性级别,从而在不损害安全性的前提下提高系统的可用性。

关键词: 恶意代码防御, 完整性模型, 安全模型, 安全操作系统, 可信计算