Computer Engineering

• Architecture and Software Technology •

A User Privilege Elevation Mechanism Based on Administrator Decentralization

LUO Qiu, DING Yan, CHEN Songzheng

  1. (School of Computer Science, National University of Defense Technology, Changsha 410073, China)
  • Received: 2014-11-21 Online: 2016-04-15 Published: 2016-04-15
  • About the authors: LUO Qiu (born 1985), male, master's student, main research interests: embedded systems and information security; DING Yan, assistant researcher, Ph.D.; CHEN Songzheng, associate researcher.
  • Funding:
    National Natural Science Foundation of China (61202119, 61502510); National Ministries and Commissions Foundation; Open Fund of the Key Laboratory of Information Assurance Technology (KJ-13-105, KJ-15-101); Prospective Research Fund for Future Networks (BY2013095-2-08).

Abstract: Current Linux systems prevent administrators from abusing their privileges by restricting root login, and allow an ordinary user to be temporarily elevated to administrator privileges only when a privileged operation has to be performed. However, the existing user privilege elevation mechanism in Linux only supports elevation to root. In a secure operating system with administrator decentralization enabled, it cannot distinguish between elevations to the privileges of different administrators, so users cannot carry out the corresponding management operations. On the basis of customizing SELinux policy to decentralize the operating system administrator, this paper designs a user privilege elevation mechanism that supports administrator decentralization. The mechanism verifies a user's permissions according to the privilege requirements of each privileged application, and only users who pass verification can be elevated to the administrator privileges specified by that application. The mechanism adopts the DBus bus structure to isolate ordinary user permissions from administrator privileges, and uses SELinux policy to protect the security of the user privilege elevation service. Experimental results show that the mechanism can effectively elevate ordinary user permissions to the administrator privileges specified by the system configuration.

Key words: operating system security, privilege elevation, administrator decentralization, least privilege, mandatory access control

CLC number: