Abstract: Generic software wrapper (GSW) system is realized in Linux kernel. The building of the GSW system aims to provide a security framework in Linux kernel, on which many security polices, such as access control and intrusion detection, can be realized in order to protect host resources by wrapping any specified program, monitoring system calls between program and operating system, taking corresponding measures according to wrappers. The GSW runs smoothly in Linux kernel and reaches anticipated results.

Key words: Generic software wrapper(GSW), Wrapper support subsystem(WSS), Wrapper activation criteria subsystem(WACS)

摘要： 基于Linux系统设计并实现的通用软件封装器旨在操作系统内核中嵌入一个安全框架，该框架通过对指定的任何软件进行封装，实时监控软件与操作系统之间的系统调用，并依据封装器对其进行处理可实现多种安全策略(如访问控制、入侵检测)，从而保护主机资源。实验结果表明，通用软件封装器在系统内核中运行稳定，达到了预期效果。

关键词: 通用软件封装器, 封装器支持子系统, 封装器激活原则子系统