Computer Science

Computer Science ›› 2019, Vol. 46 ›› Issue (11A): 460-463.

• Information Security • Previous Articles     Next Articles

Dynamical Management Technology of Multi-Level Security Domain for Embedded Operating System Based on MILS

GAO Sha-sha1,2, WANG Zhong-hua1   

  1. (Xi’an Aeronautics Computing Technique Research Institute,AVIC,Xi’an 710068,China)1;
    (School of Computer Science and Technology,Xidian University,Xi’an 710071,China)2
  • Online:2019-11-10 Published:2019-11-20

PDF (PC)

802

Abstract: The embedded operating system based on MILS architecture can achieve security isolation of data from different application partitions.However,the existing embedded operating systems based on MILS architecture can not meet the need of secure migration,and cannot complete tasks’ functional reconstruction and real-time dynamic loading after the failure of task.Therefore,on the basis of analyzing the advantages and disadvantages of the existing embedded operating systems based on MILS,a task-oriented multi-level security domain management architecture was proposed.Besides,the working principle of each functional module in the architecture was described in detail,which can ensure the dynamic migration and functional reconstruction within a specific security domain.

Key words: Functional reconstruction, MILS, Multi-level security domains

CLC Number: 

  • TP393.08
[1]RUSHBY J M.Design and verification of secure systems[J].AcmSigops Operating Systems Review,1981,15(5):12-21.
[2]RUSHBY J M.Proof of separability a verification technique for a class of security kernels[C]∥International Symposium on Programming.Springer,Berlin,Heidelberg,1982:352-367.
[3]ALVES-FOSS J,OMAN P W,TAYLOR C,et al.The MILS architecture for high-assurance embedded systems[J].International Journal of Embedded Systems,2006,2(3/4):239-247.
[4]SHIELD J,CHENOWETH S,PRENDERGAST P,et al.Information Associations for Multi-Domain Applications:Addressing Data Utility in Segregated Networks[C]∥Proceedings of the Australasian Computer Science Week Multiconference.ACM,2019:4.
[5]张灯,任晓瑞,胡宁,等.基于MILS架构的安全中间件研究[J].电子技术,2013,42(7):16-19.
[6]张灯.面向多重独立安全等级架构的安全通信机制研究[D].西安:西安电子科技大学,2011.
[7]李健,陈革,叶晓芸,等.基于MILS多级安全架构的远程调试机制[J].计算机工程,2016,42(1):61-65.
[8]杨姗.基于MILS架构多级安全操作系统的若干关键技术研究[D].成都:电子科技大学,2018.
[9]石鹏.基于MILS架构的操作系统安全技术研究与实现[D].成都:电子科技大学,2016.
[10]HOM J.International Journal of Embedded Systems[J].Ismir,2012:95-100.
[11]崔西宁,王聪琳,裴庆祺,等.基于MILS CORBA的多级安全分区通信机制[J].计算机科学,2013,40(5):38-41.
[12]成亚萌.MILS系统中分区间的信息流控制[D].西安:西安电子科技大学,2012.
[13]邢薇薇.面向航空电子的分区内核关键技术研究[D].西安:西安电子科技大学,2011.
[14]TUCHS K D,HALMAI T,VAN SELM M.Multi-security domain management integration architecture for end-to-end service management in military networks[C]∥2011-MILCOM 2011 Military Communications Conference.IEEE,2011:1375-1380.
[15]潘楠,李亚晖,沈玉龙.MILS CORBA中的多级安全访问控制[J].互联网天地,2013(1):50-54.
[16]杨琼,周霆,胡宁,等.一种面向MILS的多级安全文件系统的架构设计[J].科学技术与工程,2011,11(30):7443-7447.
[17]HECKMAN M R,SCHELL R R,REED E E.A multi-level secure file sharing server and its application to a multi-level secure cloud[C]∥MILCOM 2015-2015 IEEE Military Communications Conference.IEEE,2015:1224-1229.
[18]WRONA K,OUDKERK S.Integrated content-based informa-tion security for future military systems[C]∥MILCOM 2015-2015 IEEE Military Communications Conference.IEEE,2015:1230-1235.
[1] CUI Xi-ning,WANG Cong-lin,PEI Qing-qi,LI Ya-hui and SHEN Yu-long. Multiple Security Partition Communication Mechanism Based on MILS CORBA [J]. Computer Science, 2013, 40(5): 38-41.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.