Abstract:
The problem about security and vulnerability of SELinux policy server in mainstream operating system is analyzed. This paper introduces the definition of trusted characteristic, and puts forward a SELinux policy server architecture based on trusted characteristic. This method can solve the problem of vulnerability effectively by building user-space security server and policy management server, and the problem of security by carrying out trusted characteristic of trusted entities. It provides a new way to perfect SELinux.
Key words:
trusted computing,
Security Enhanced Linux(SELinux),
policy server,
trusted characteristic,
Policy Management Server(PMS)
摘要:
对SELinux策略服务器在安全性和脆弱性方面存在的问题进行分析,基于可信计算提出信任特征的概念,将其引入到SELinux策略服务器的设计中,给出一种基于信任特征的SELinux策略服务器体系结构。通过用户空间安全服务器与策略管理服务器的构建解决脆弱性问题,提供可信实体信任特征,解决安全性问题,有效完善了SELinux体系结构。
关键词:
可信计算,
安全增强Linux,
策略服务器,
信任特征,
策略管理服务器
CLC Number:
XU Ning; YANG Meng-meng; LIU Wen-qing. Design and Application of Trusted Characteristic in SELinux Policy Server[J]. Computer Engineering, 2008, 34(12): 254-256.
徐 宁;杨梦梦;刘文清. 信任特征在SELinux策略服务器中的设计与应用[J]. 计算机工程, 2008, 34(12): 254-256.