Research on Function Isolation Mechanism of Secure Operating System
School: University of Science and Technology of China
Keywords: secure operating system; safety-critical operating system; function isolation; secure architecture; Servant/Exe-Flow Model
With the widespread application of computer technology and the rapid development of network technology, information security has become a serious problem that concerns every field of society. As the foundation of information-system security, operating system security has naturally become a hotspot in academia, and research on secure operating systems has entered a period of rapid development. At the same time, the means of attacking systems have multiplied and attack techniques have improved, so research on secure operating systems faces continual challenges. To meet this severe challenge, this thesis deliberately chooses operating system security, a difficult subject, as its research direction.

This thesis takes a new secure operating system supporting function isolation as its research object. The main research contents are:

1. First, the theory and technology of secure operating systems, including security control technology, security policy, security models, and typical secure and safety-critical operating systems, are systematically and thoroughly discussed and analyzed. The limitations of existing operating system security technology are explained, and the direction of further development is clarified.
2. Because the CASP secure architecture developed by our lab is one of the foundations of this thesis, the architecture is described in detail, including the components and workflow of CASP, the security server, the capability server and the security enforcement mechanism. The characteristics and advantages of CASP are also analyzed.
3. The idea of function isolation and its application in secure operating systems is put forward. Based on function isolation, a new three-layer secure architecture called FI-CASP is designed and described in full, including the concepts and definitions related to function isolation, the composition and workflow of FI-CASP, the working manner of the function isolation server, the interface and algorithm of function dividing, the components of the isolation managing server, and the technology of function isolation based on processes and address spaces.
4. As an example of realizing function isolation in a modern component operating system, function isolation is implemented in an operating system based on the Servant/Exe-Flow Model. The message interface, the function dividing server and the isolation managing server are designed in detail.
5. The performance of function isolation is analyzed and evaluated: three kinds of isolation mechanisms are compared, and the influence of the function isolation mechanism on system efficiency is analyzed.

The innovative contributions of this thesis are as follows:

1. After analyzing the limitations of existing time and space isolation technology, the new idea of realizing function isolation in a secure operating system is put forward; the function dividing algorithm and the function isolation technology are designed, and the feasibility of function isolation is proved.
2. A three-layer secure architecture supporting function isolation, called FI-CASP, is proposed and described in detail. It is proved that FI-CASP is a model with strong security, a clear architecture, good flexibility and good usability, and that it is especially suitable for modern component operating systems.
3. Function isolation is put into practice in a secure operating system named IS-Minicore, which is based on the Servant/Exe-Flow Model and is noted for the typical characteristics of a component operating system; the feasibility of the FI-CASP architecture is thereby validated.

By integrating function isolation with the merits of existing advanced secure architectures, FI-CASP offers strong security performance that especially fits application fields demanding high security, such as the military.