A User-based Security Model of POSIX Capabilities and Its Realization

doi:10.3969/j.issn.1000-3428.2006.21.056

Computer Engineering ›› 2006, Vol. 32 ›› Issue (21): 162-163，.

• Security Technology • Previous Articles Next Articles

A User-based Security Model of POSIX Capabilities and Its Realization

XU Ping1, LU Songnian2, YANG Shutang2

(1. .School of Information Security Engineering, Shanghai Jiaotong University, Shanghai 200240; 2. Department of Electronic Engineering, Shanghai Jiaotong University, Shanghai 200030)

Received:1900-01-01 Revised:1900-01-01 Online:2006-11-05 Published:2006-11-05

一种基于用户的Capabilities安全模型及其实现

许平1，陆松年2，杨树堂2

(1. 上海交通大学信息安全工程学院，上海 200240；2. 上海交通大学电子工程系，上海 200030)

Abstract

Abstract: This paper analyzes the disadvantage of POSIX capabilities on Linux, which also puts forward a user-based model of POSIX capabilities and its realization on Linux. And the enhancement of Linux security with the new model is analyzed as well.

Key words: Capabilities, Linux, Access control

摘要：

分析了Linux下Capabilities安全模型的不完善性，并提出了一种基于用户的Capabilities安全模型，给出了在Linux下的实现方式。同时，还分析了如何利用改进后的安全模型来增强Linux的安全性。

关键词: Capabilities, Linux, 访问控制

CLC Number:

TP309

XU Ping; LU Songnian; YANG Shutang. A User-based Security Model of POSIX Capabilities and Its Realization[J]. Computer Engineering, 2006, 32(21): 162-163，.

许平;陆松年;杨树堂. 一种基于用户的Capabilities安全模型及其实现[J]. 计算机工程, 2006, 32(21): 162-163，.

/ Recommend / Download Citations

URL:

https://www.ecice06.com/EN/Y2006/V32/I21/162

[1]	MENG Fanfeng, WANG Zicong, ZHANG Jintao, WANG Yanjing, OU Yang, WU Lizhou, XIAO Nong. Design and Implementation of a CXL Memory Pool System Based on gem5 [J]. Computer Engineering, 2025, 51(3): 180-188.
[2]	Qing'an ZHENG, Jiancheng DONG, Liang CHEN, Yingqing RUAN, Jinsong LI, Linbin XU. Research on Distributed Trusted Data Management and Privacy Protection Technology [J]. Computer Engineering, 2024, 50(7): 174-186.
[3]	Baohua HUANG, Huiying ZHENG, Xi QU, Ningjiang CHEN. Efficient Storage Access Control Scheme for Alliance Chain [J]. Computer Engineering, 2023, 49(8): 37-45.
[4]	TIAN Xiuxia, YANG Mingyi. Smart Contract-Based Access Control Mechanism in Home IoT [J]. Computer Engineering, 2023, 49(3): 18-28.
[5]	Jingyi WANG, Baixiang LIU, Ning FANG, Lingqi PENG. Anonymous Data Sharing and Access Control Based on Blockchain and Attribute-Based Cryptography [J]. Computer Engineering, 2023, 49(10): 41-52.
[6]	LIU Jing, ZHU Bingxu, LIANG Jiahang, REN Nüer, JI Haipeng. Blockchain Access Control Strategy Based on Mainchain and Sidechain Cooperation [J]. Computer Engineering, 2022, 48(3): 10-16,22.
[7]	WANG Jingyu, ZHOU Xuejuan. An Attribute-based Encryption Scheme for Ciphertext Policy that Supports Attribute Revocation [J]. Computer Engineering, 2021, 47(7): 95-100.
[8]	ZHANG Benhong, WU Haohao, YU Lei. Contention-based Time Division Multiple Access MAC Protocol in Vehicular Ad Hoc Networks [J]. Computer Engineering, 2021, 47(5): 154-159.
[9]	ZHANG Jianguo, HU Xiaohui. Research on Improved Access Control Mechanism of Internet of Things Devices Based on Ethereum [J]. Computer Engineering, 2021, 47(4): 32-39,47.
[10]	WANG Fazhen, CUI Shaohui, WANG Cheng. Device Driver Development for PXIe Reconfigurable Instrument Based on Linux [J]. Computer Engineering, 2021, 47(4): 166-172.
[11]	ZHANG Jianghui, CUI Bo, LI Ru, SHI Jinshan. Access Control System of Internet of Things Based on Smart Contract [J]. Computer Engineering, 2021, 47(4): 21-31.
[12]	ZHAN Changjian, LEI Lei, SHEN Gaoqing, LI Zhilin. Multi-Link Transmission MAC Protocol Suitable for Underwater Acoustic Sensor Network [J]. Computer Engineering, 2021, 47(2): 194-200.
[13]	HAN Shuyan, Nurmamat Helil. CP-ABE Scheme Using Selectively Hidden Tree Access Structure [J]. Computer Engineering, 2020, 46(7): 150-158.
[14]	LI Minzheng, ZI Wenbin, WANG Hao. Research on TDMA Time Slot Allocation Protocol in MAC Layer of LoRa Wireless Network [J]. Computer Engineering, 2019, 45(9): 95-99,118.
[15]	TAN Yuesheng,LU Liming,WANG Jingyu. Ciphertext Policy Encryption Scheme Based on Secure Three-party Computation [J]. Computer Engineering, 2019, 45(1): 115-120,128.

Please choose a citation manager

Content to export

A User-based Security Model of POSIX Capabilities and Its Realization

一种基于用户的Capabilities安全模型及其实现

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments

模态框（Modal）标题

Please choose a citation manager

Content to export

A User-based Security Model of POSIX Capabilities and Its Realization

一种基于用户的Capabilities安全模型及其实现

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments