Computer Engineering ›› 2006, Vol. 32 ›› Issue (12): 179-181,246.

• Security Technology •

Design of Secure Operating System

MAO Weifeng, PING Lingdi, JIANG Li, CHEN Xiaoping   

  1. College of Computer Science and Technology, Zhejiang University, Hangzhou 310027
  • Online:2006-06-20 Published:2006-06-20

安全操作系统的设计

毛韡锋,平玲娣, 姜励,陈小平   

  1. 浙江大学计算机科学与技术学院,杭州 310027

Abstract: SECOS is a secure operating system with independent intellectual property rights, which accords with the requirements of level 4 secure operating system technology. This paper illustrates some key issues of the system, including the design method for enhancement of security, a model improved from the Bell-LaPadula MAC (mandatory access control) implementation, the realization of the model, formal methods during system development, covert channel analysis and its prevention, and secure deletion. The performance evaluation shows the design and implementation of SECOS is effective.

Key words: SECOS; MAC; BLP; Covert Channel; Secure deletion

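Chinese abstract: SECOS is a secure operating system with independent property rights that conforms to the national level 4 standard. This paper summarizes the key technologies in the design of SECOS, including: the security enhancement/improvement design method; the theoretical model, built by modifying the Bell-LaPadula mandatory access control model, and its implementation; formal design in the system development process; covert channel analysis methods and countermeasures; and object reuse. Performance estimation tests of the secure system show that the design and implementation of SECOS are successful.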

Chinese key words: secure operating system; mandatory access control; BLP model; covert channel; object reuse