摘要： 对图灵四级安全操作系统隐蔽通道进行了分析研究，提出了新的隐蔽通道分析方法——增强改进型语义信息流法。该方法具有工作量小、源代码级分析、能排除伪结果、帮助对隐蔽通道进行后续处理等优点。采用该方法对图灵四级安全操作系统隐蔽通道进行了标识，对隐蔽通道带宽进行了计算，并根据不同的安全策略对隐蔽通道进行了适当的处理。其分析结果达到了相关国家标准中第4级安全操作系统的规定。

关键词: 增强改进型语义信息流法, 隐蔽通道分析, 图灵四级安全操作系统, 存储隐蔽通道

Abstract: The research of covert channel analysis on Tuling SecOS2.0/4 is reported. A new covert channel identification method--modified semantic information flow method is proposed. It has less workload, can directly analyze the source code and exclude the false result, also helps the covert channel handling. It uses this method to identify the cover channels of the Tuling SecOS, computes the bandwidths accurately, and handles the covert channels according to different security policies. The result shows conform to the requirement of Level 4 security operating system in relevant national standards.

Key words: Modified semantic information flow method, Covert channel analysis, Tuling SecOS2.0/4, Storage covert channel

中图分类号: 

• TP316