| 安全操作系统中的功能隔离机制 |
| |
| 作者姓名: | 龚育昌 唐玲 张晔 贾永泉 |
| |
| 作者单位: | 中国科学技术大学计算机科学技术系,合肥230027 |
| |
| 摘 要: | 在分析现有操作系统安全机制的基础上,针对空间隔离技术的不足之处,提出了功能隔离的新思想。功能隔离可以提供更细致的隔离粒度,并可使不同类别的功能请求在相互隔离的执行域中执行,从而提高系统的可靠性与安全性。文中详细描述了功能隔离的定义,讨论了功能划分的方法和PFI、ASFI两种功能隔离机制及其关键实现技术。实验数据说明,采用功能隔离不会明显影响系统的效率。
|
| 关 键 词: | 安全关键操作系统 空间隔离 功能隔离 功能划分 |
The function isolation mechanism in secure operating system |
| |
| Authors: | Gong Yu-chang Tang Ling Zhang Ye Jia Yong-quan |
| |
| Institution: | Department of Computer Science and Technology, University of Science and Technology of China, Hefei 230027, China |
| |
| Abstract: | Considering the limitations of current space isolation technique, a new security mechanism adopting function isolation is proposed in this paper. With the mechanism more delicate granularity of function can be used and different execution domains corresponding to different function requests may be isolated each other, so the safety of operating system can be improved. In the paper the principle and algorithm for function division are introduced in detail, and two kinds of isolating mechanisms PFI and ASFI are presented. Experiment results show that the overhead of function isolation wouldn’t reduce the system efficiency notably. |
| |
| Keywords: | safety critical operating system spatial isolation function isolation function dividing |
|
| 点击此处可从《》浏览原始摘要信息 |
| 点击此处可从《》下载免费的PDF全文 |
