CN104036166B - User privilege elevation method supporting mandatory access control - Google Patents
Publication number: CN104036166B (application CN201410257094.0A)
Authority: CN (China)
Legal status: Active
Classifications
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
Abstract
The invention discloses a user privilege elevation method that supports mandatory access control. The steps are: 1) classify the operating system's privileged programs in advance under mandatory control and associate them with different administrator roles; 2) monitor the user's access requests and, when a privileged operation request is detected, go to step 3); 3) authenticate the user who issued the privileged operation request; if authentication succeeds, spawn a child process, set the child process's security attributes so that they inherit the security attributes of the administrator role associated with the target privileged program, and execute the target privileged program through the child process; if authentication fails, reject the user's privileged operation request and exit. The method is simple to implement, allows users to elevate privileges while supporting mandatory access control, and gives the operating system high security and strong usability.
Description
Technical field
The invention relates to the technical field of user privilege elevation in computer operating systems, and in particular to a user privilege elevation method supporting mandatory access control.
Background
With the development of computer and network technology, the security of computer systems has become increasingly important, and the operating system, as the manager of computer resources, is the foundation of the security of the entire host. An effective and reliable operating system should therefore have strong security and corresponding protection measures: it should be able to eliminate or limit the security risks that trap doors, covert channels, Trojan horses and the like pose to the system, provide sufficient protection for the information in the system, and prevent unauthorized users from misusing or destroying system software resources.
Many users like to log in with an administrator account (Administrator on Windows, root on Unix, Linux and other Unix-like systems), because this gives them the highest privileges of the operating system and lets them perform any operation without permission restrictions. The convenience of using an administrator account, however, also poses a major threat to the security of the computer system. If, for example, a malicious program hidden in the system is executed, whether through a virus infection or unknowingly, while the user is logged in with the administrator account, the malicious program obtains the same privileges as the administrator account, that is, it can manage all resources of the operating system. This is very dangerous and may even cause heavy losses to the system.
To cope with these increasingly prominent security problems, it is usually recommended to log in with an ordinary account and, when a privileged operation is needed, to complete it by elevating privileges. Privilege elevation refers to the process of giving an ordinary user, by some defined means, temporary authority to manage operating system resources. With this approach, even if the user executes a malicious program, the privileges the malicious program obtains are limited to those of an ordinary user; it cannot execute privileged programs and cannot cause great harm to the system.
Current mainstream operating systems all provide solutions for user privilege elevation, including:
1) The UAC (User Account Control) mechanism provided by Windows.
UAC is a technology introduced with Windows Vista that enhances the security of Windows by restricting users from executing privileged programs: only programs the user trusts can obtain administrator privileges. Windows currently provides UAC permission control to prevent users from making unauthorized changes to the computer. When the user performs operations such as installing software or configuring the firewall, UAC is triggered; after the user completes identity authentication, UAC performs a one-time privilege elevation, so that the logged-in user obtains the higher administrator privileges needed for these privileged operations only after elevation.
2) The su/sudo/polkit mechanisms provided by Unix/Linux.
Unix/Linux systems provide mechanisms such as su, sudo and polkit to let users elevate privileges. su and sudo are command-line programs through which a user can execute a program under a specified UID (user ID) or GID (group ID). su authenticates with the password of the user being switched to, whereas sudo authenticates with the user's own password; after a successful sudo authentication there is a grace period of about 15 minutes during which the user can run sudo again without re-authenticating. To make up for su/sudo lacking a graphical interface, gksu/gksudo provide graphical authentication; polkit provides the pkexec command for privilege elevation, which can execute a program as a specified user and also offers a graphical authentication dialog, authenticating with the root user's password.
A legitimate user of the operating system can arbitrarily modify the access control information of the files that user owns, but the operating system cannot distinguish whether such a modification is the user's own legitimate operation or the illegal operation of a malicious program; moreover, there is no effective way to prevent a computer virus from passing information from one process to another through a shared object. To solve these problems and give the operating system higher security, mandatory access control (MAC) was introduced. In a system with mandatory access control enabled, the system assigns both subjects and objects a special security attribute that generally cannot be changed, and decides whether a subject may access an object by comparing their security attributes. When a user runs a program for some purpose, the program cannot change the security attributes of itself or of any other object, including objects the user owns. In a system that supports mandatory access control, however, ordinary privilege elevation only changes the user ID and group ID; the MAC security attributes of the privileged process are by default inherited from the parent process and are not changed along with the elevation, so operations performed after elevation may still be blocked by mandatory access control and the elevation ultimately fails.
In summary, existing privilege elevation methods do not support, or only partially support, mandatory access control. When privileges are elevated in a system that supports mandatory access control, the security attributes of the elevated process are not set correctly, so privileged operations after elevation are still blocked by the mandatory access control system and the user cannot perform them.
Summary of the invention
The technical problem to be solved by the invention is, in view of the problems of the prior art, to provide a user privilege elevation method supporting mandatory access control that is simple to implement, allows users to elevate privileges while supporting mandatory access control, and gives the operating system high security and strong usability.
To solve the above technical problem, the technical solution proposed by the invention is:
A user privilege elevation method supporting mandatory access control, implemented by the following steps:
1) Classify the operating system's privileged programs in advance under mandatory control and associate them with different administrator roles;
2) Monitor the access requests of ordinary users and, when a privileged operation request is detected, go to step 3);
3) Authenticate the ordinary user who issued the privileged operation request. If authentication succeeds, spawn a child process, set the child process's security attributes so that they inherit the security attributes of the administrator role associated with the target privileged program of the request, and execute the target privileged program through the child process; if authentication fails, reject the user's privileged operation request and exit.
As a further improvement of the invention, step 1) is implemented as follows:
1.1) Classify the operating system's privileged programs in advance by function under mandatory control;
1.2) According to this classification, associate each class of privileged program with the corresponding administrator role, obtaining the association between each privileged program and an administrator role;
1.3) Store the association between each privileged program and its administrator role as a configuration file; provide a privileged program for modifying the configuration file and associate that program with a designated administrator role, so that an ordinary user obtains read and write access to the configuration file only by elevating to the designated administrator role.
As a further improvement of the invention, the administrator roles in step 1.1) are of three kinds: system administrator, security administrator and audit administrator. Classifying the operating system's privileged programs by function in advance means classifying them into three classes: those executed by the system administrator, those executed by the security administrator and those executed by the audit administrator.
As a further improvement of the invention, the designated administrator role in step 1.3) is the security administrator.
As a further improvement of the invention, step 2) is implemented in detail as follows:
2.1) Intercept the access requests of ordinary users; if a privileged operation request is received, go to step 2.2), otherwise return to and repeat step 2.1);
2.2) Trigger the start of a client in client/server (C/S) mode. The client has read-only access to the configuration file that stores the associations between privileged programs and administrator roles; it reads the configuration file, parses the received privileged operation request, and sends the requesting user's information, the target privileged program and the administrator role associated with the target privileged program to the server through inter-process communication; the server then performs step 3).
As a further improvement of the invention, step 3) is implemented by a service framework program acting as the server in C/S mode, and the security attributes of the service framework program are constrained under mandatory control so that it can only set the security attributes of spawned child processes, execute privileged programs, communicate with the operating system's password verification module through inter-process communication to authenticate ordinary users, and communicate with the C/S client through inter-process communication.
Compared with the prior art, the invention has the following technical effects:
1) By classifying the operating system's privileged programs in advance and associating them with different administrator roles, the invention limits the access rights of privileged programs and realizes mandatory access control, giving the operating system high security. By receiving an ordinary user's privileged operation request and authenticating that user to complete the elevation, it allows privileged operations to be performed through elevation while logged in as an ordinary user, improving the usability of an operating system that supports mandatory access control. After elevation it spawns a child process and sets the child's security attributes so that they inherit those of the administrator role associated with the privileged program, ensuring that the elevation succeeds and the privileged program executes.
2) When the invention uses the C/S mode of elevation, the client intercepts the user's privileged operation request, parses it and sends the information to the server; the server sets the security attributes and performs the privileged operation on the user's behalf. The implementation is simple and the elevation mechanism is flexible.
3) By setting special security attributes on the configuration file that associates privileged programs with administrator roles, the invention prevents unauthorized malicious programs from modifying the configuration file and keeps the system secure. At the same time, special security attributes are set on the server-side service framework program in C/S mode, so that both privileged programs and the service framework program run within a confined scope, realizing the principle of least privilege and the principle of separation of duties.
Description of drawings
Figure 1 is a schematic flow chart of the implementation of the user privilege elevation method supporting mandatory access control in this embodiment.
Figure 2 is a schematic diagram of the association between privileged programs and administrator roles in this embodiment.
Figure 3 is a schematic flow chart of the implementation of step 2) in C/S mode in this embodiment.
具体实施方式detailed description
以下结合说明书附图和具体优选的实施例对本发明作进一步描述,但并不因此而限制本发明的保护范围。The present invention will be further described below in conjunction with the accompanying drawings and specific preferred embodiments, but the protection scope of the present invention is not limited thereby.
如图1所示,本实施例支持强制访问控制的用户提权方法的具体实施步骤如下:As shown in Figure 1, the specific implementation steps of the user's privilege escalation method that supports mandatory access control in this embodiment are as follows:
1)预先强制将操作系统的特权程序分类并与不同的管理员角色进行关联;1) Pre-forcibly classify the privileged programs of the operating system and associate them with different administrator roles;
2)检测普通用户的操作请求,当检测到特权操作请求时,跳转执行步骤3);2) Detect the operation requests of ordinary users, and when a privileged operation request is detected, jump to step 3);
3)对发出特权操作请求的普通用户进行身份验证,如果身份验证通过,则派生子进程,设置子进程的安全属性并使子进程的安全属性继承特权操作请求的目标特权程序所关联的管理员角色的安全属性,通过子进程执行目标特权程序;如果身份验证不通过,拒绝用户的特权操作请求并退出。3) Authenticate the ordinary user who issued the privileged operation request. If the authentication is passed, the child process is forked, the security attribute of the child process is set, and the security attribute of the child process is inherited from the administrator associated with the target privileged program of the privileged operation request. The security attribute of the role, execute the target privileged program through the child process; if the authentication fails, reject the user's privileged operation request and exit.
本实施例通过强制将特权程序进行分类并与不同的管理员角色进行关联,限定特权程序的访问权限,实现强制访问控制,操作系统的安全性高;通过接收用户的特权操作请求及用户的身份验证完成用户的提权操作,操作系统能够在使用普通用户登录的情况下通过提权执行特权操作,提高支持强制访问控制的操作系统的易用性;同时在提权后派生子进程并对子进程的安全属性进行设置,使子进程的安全属性继承与特权程序关联的管理员角色的安全属性,确保提权的最终成功,完成特权程序的执行。In this embodiment, by forcing the privileged programs to be classified and associated with different administrator roles, the access rights of the privileged programs are limited to realize mandatory access control, and the security of the operating system is high; by receiving the user's privileged operation request and the user's identity Verify that the user's privilege escalation operation is completed, and the operating system can perform privileged operations through privilege escalation when logging in as an ordinary user, improving the usability of the operating system that supports mandatory access control; The security attribute of the process is set, so that the security attribute of the child process inherits the security attribute of the administrator role associated with the privileged program, so as to ensure the final success of the privilege escalation and complete the execution of the privileged program.
本实施例中,步骤1)的具体实施步骤如下:In this embodiment, the specific implementation steps of step 1) are as follows:
1.1)预先强制将操作系统的特权程序按功能进行分类;1.1) Pre-forcibly classify the privileged programs of the operating system according to their functions;
1.2)根据特权程序的分类,将归类后的每一类特权程序分别与对应的管理员角色进行关联,得到每一个特权程序与管理员角色之间的关联关系;1.2) According to the classification of privileged programs, each type of privileged program after classification is associated with the corresponding administrator role, and the association relationship between each privileged program and administrator role is obtained;
1.3)将每一个特权程序与管理员角色之间的关联关系作为配置文件存储,且针对配置文件提供修改配置文件的特权程序,将修改配置文件的特权程序与指定的管理员角色进行关联,使得普通用户只有提权至指定的管理员角色才具有对配置文件的读写权限。1.3) Store the relationship between each privileged program and the administrator role as a configuration file, and provide a privileged program for modifying the configuration file for the configuration file, and associate the privileged program for modifying the configuration file with the specified administrator role, so that Ordinary users have read and write permissions to configuration files only if they are elevated to a designated administrator role.
本实施例步骤1.1)中的管理员角色具体包括系统管理员、安全管理员、审计管理员三类,预先强制将操作系统的特权程序按功能进行分类具体是指强制将操作系统的特权程序按功能分类为由系统管理员执行、由安全管理员执行、由审计管理员执行三类。将现有操作系统中可以执行所有特权程序的root的权限分别分配到系统管理员、安全管理员和审计管理员三类管理员角色上,每个管理员角色具有的特权只是root的一部分。The administrator roles in step 1.1) of this embodiment specifically include system administrators, security administrators, and audit administrators. Forcibly classifying the privileged programs of the operating system according to their functions in advance refers to forcing the privileged programs of the operating system to be Functions are classified into three categories: executed by system administrators, executed by security administrators, and executed by audit administrators. In the existing operating system, the authority of root, which can execute all privileged programs, is assigned to three administrator roles: system administrator, security administrator, and audit administrator. The privileges of each administrator role are only part of root.
本实施例中,根据特权程序的功能,将操作系统中的特权程序划分为由系统管理员执行、由安全管理员执行以及由审计管理员执行三类,分类后的特权程序再与对应的管理员角色进行关联,即由系统管理员执行的特权程序与系统管理员角色关联,由安全管理员执行的特权程序与安全管理员角色关联,由审计管理员执行的特权程序与审计管理员角色管理。系统中存在多个特权程序,每个特权程序只能与一个管理员角色关联,一个管理员角色则可以关联多个特权程序。如图2所示,以n个特权程序(特权程序1~特权程序n)和n个管理员角色(管理员角色1~管理员角色n)为例,特权程序1与管理员角色2关联,特权程序2与管理员角色1关联,特权程序3与管理员角色3关联,……,特权程序n与管理员角色n关联。需要说明的是,图2仅仅是对特权程序与管理员角色之间的多对一的关联关系的部分列举,由于特权程序与管理员角色是以多对一的方式进行关联,因此每个特权程序必然对应一个管理员角色,一个管理员角色可能对应多个特权程序。In this embodiment, according to the functions of the privileged programs, the privileged programs in the operating system are divided into three categories: executed by the system administrator, executed by the security administrator, and executed by the audit administrator. The privileged program executed by the system administrator is associated with the role of the system administrator, the privileged program executed by the security administrator is associated with the role of the security administrator, and the privileged program executed by the audit administrator is associated with the role of the audit administrator . There are multiple privileged programs in the system, and each privileged program can only be associated with one administrator role, and one administrator role can be associated with multiple privileged programs. As shown in Figure 2, taking n privileged programs (privileged program 1 to privileged program n) and n administrator roles (administrator role 1 to administrator role n) as an example, privileged program 1 is associated with administrator role 2, Privileged program 2 is associated with administrator role 1, privileged program 3 is associated with administrator role 3, ..., privileged program n is associated with administrator role n. It should be noted that Figure 2 is only a partial enumeration of the many-to-one association between privileged programs and administrator roles. 
Since privileged programs and administrator roles are associated in a many-to-one manner, each privilege A program must correspond to an administrator role, and an administrator role may correspond to multiple privileged programs.
本实施例中,每一个特权程序与管理员角色的关联关系存储在系统的配置文件中,通过对配置文件安全属性的设置,使配置文件受到强制访问控制的保护,防止未授权程序的修改,具体方法为:针对配置文件提供修改配置文件的特权程序,将修改配置文件的特权程序与安全管理员角色进行关联,使得只有提权至指定的管理员角色才能对配置文件进行访问和编辑,普通用户和其它管理员均无法直接对配置文件进行访问和编辑。In this embodiment, the association relationship between each privileged program and the administrator role is stored in the configuration file of the system. By setting the security attribute of the configuration file, the configuration file is protected by mandatory access control to prevent unauthorized program modification. The specific method is: provide a privileged program for modifying the configuration file for the configuration file, and associate the privileged program for modifying the configuration file with the role of the security administrator, so that only the privileged administrator role can access and edit the configuration file. Neither users nor other administrators can directly access and edit configuration files.
本实施例通过为存储每一个特权程序与管理员角色的关联关系的配置文件设置特殊安全属性,并提供修改配置文件的特权程序,且将修改配置文件的特权程序与安全管理员关联。普通用户只有提权至指定的管理员角色才具有对配置文件的读写权限,从而能够对配置文件进行访问、编辑,普通用户、系统管理员和审计管理员的角色均无法直接进行访问、编辑或查看,防止普通用户、系统管理员、审计管理员角色的修改,从而实现将修改配置文件的特权程序与安全管理员角色进行关联,对配置文件实施保护,使得普通用户只能提权至安全管理员角色才能对配置文件进行修改,防止未经授权的恶意程序修改配置文件,保证系统安全。In this embodiment, a special security attribute is set for a configuration file storing the association relationship between each privileged program and an administrator role, and a privileged program for modifying the configuration file is provided, and the privileged program for modifying the configuration file is associated with a security administrator. Ordinary users have read and write permissions to configuration files only when they are elevated to the designated administrator role, so that they can access and edit configuration files. Ordinary users, system administrators, and audit administrators cannot directly access and edit Or check to prevent the modification of the roles of ordinary users, system administrators, and audit administrators, so as to associate the privileged program that modifies the configuration file with the role of the security administrator, and protect the configuration file so that ordinary users can only elevate their privileges to the security administrator. Only administrators can modify configuration files to prevent unauthorized malicious programs from modifying configuration files and ensure system security.
本实施例中,步骤2)的详细实施步骤如下:In this embodiment, the detailed implementation steps of step 2) are as follows:
2.1)截获普通用户的访问请求,如果收到特权操作请求,则跳转执行步骤2.2),否则继续返回重新执行步骤2.1);2.1) Intercept the access request of ordinary users. If a privileged operation request is received, skip to step 2.2), otherwise continue to return and re-execute step 2.1);
2.2)触发启动C/S模式的客户端,C/S模式的客户端具有存储有特权程序和管理员角色之间关联关系的配置文件的只读权限;C/S模式的客户端读取存储有特权程序和管理员角色之间的关联关系的配置文件,解析特权操作请求并将特权操作请求的用户信息、目标特权程序、与目标特权程序关联的管理员角色通过进程间通信的方式发送给C/S模式的服务端,通过C/S模式的服务端执行步骤3)。2.2) Trigger the start of the client in C/S mode. The client in C/S mode has the read-only permission to store the configuration file associated with the relationship between the privileged program and the administrator role; the client in C/S mode reads the stored A configuration file with the association relationship between the privileged program and the administrator role, parses the privileged operation request and sends the user information of the privileged operation request, the target privileged program, and the administrator role associated with the target privileged program to the For the server in C/S mode, execute step 3) through the server in C/S mode.
本实施例中,步骤2)、步骤3)通过C/S模式实现,步骤2)由C/S模式的客户端实现,步骤3)由C/S模式的服务端实现,在其它实施例中也可以采用其它方式实现。当普通用户执行提权程序时,便会触发C/S模式的客户端读取配置文件,系统中C/S模式的客户端(C/S客户端)是被配置为具有存储有特权程序和管理员角色之间关联关系的配置文件的只读权限,因此可以直接读取配置文件(只读);而普通用户只有提权至指定的管理员角色才具有对配置文件的读写权限,从而能够对配置文件进行访问、编辑,通过上述设置,主要目的是保护配置文件不被非法访问和修改,配置文件的读取权限只有运行C/S的客户端(运行时会转换到特殊的上下文)和配置文件修改的程序(提权到安全管理员)。In this embodiment, step 2) and step 3) are realized through the C/S mode, step 2) is realized by the client of the C/S mode, and step 3) is realized by the server of the C/S mode, in other embodiments It can also be realized in other ways. When an ordinary user executes the privilege escalation program, it will trigger the C/S mode client to read the configuration file. The C/S mode client (C/S client) in the system is configured to have stored privileged programs and The read-only permission of the configuration file of the association relationship between administrator roles, so the configuration file can be read directly (read-only); while ordinary users only have the read-write permission to the configuration file when the privilege is elevated to the specified administrator role, thus The configuration file can be accessed and edited. Through the above settings, the main purpose is to protect the configuration file from illegal access and modification. The read permission of the configuration file is only for the client running C/S (it will be converted to a special context when running) and configuration file modification procedures (elevation of privileges to security administrators).
本实施例中,当截获到普通用户的访问请求时,触发客户端接收特权操作请求并由客户端对特权操作请求进行解析,将对应的发起特权操作请求的用户、特权操作请求执行的目标特权程序、配置文件中与目标特权程序关联的管理员角色以及相关的系统环境变量等信息通过进程间通信的方式发送给C/S模式的服务端。In this embodiment, when an access request from a common user is intercepted, the client is triggered to receive the privileged operation request and the client parses the privileged operation request, and the corresponding user who initiates the privileged operation request and the target privilege to execute the privileged operation request Information such as the administrator role associated with the target privileged program in the program and the configuration file, and related system environment variables are sent to the server in the C/S mode through inter-process communication.
In this embodiment, step 3) is implemented by a service framework program acting as the C/S server. The security attributes of the service framework program are mandatorily restricted so that it can only set the security attributes of derived child processes, execute privileged programs, communicate via inter-process communication with the operating system's password verification module to authenticate ordinary users, and communicate via inter-process communication with the C/S client. After receiving the information sent by the client over inter-process communication, the service framework program first calls the operating system's password verification module over inter-process communication to authenticate the ordinary user who issued the privileged-operation request. If authentication passes, it derives a child process and sets the child's security attributes so that they inherit the security attributes of the administrator role associated with the target privileged program, then executes the privileged program through the derived child process; if authentication fails, it rejects the ordinary user's privileged-operation request and exits. When this embodiment uses the C/S privilege-elevation model, the client intercepts the user's privileged-operation request, parses it and sends the information to the server, and the server sets the security attributes and performs the privileged operation on the user's behalf; the implementation is simple and the elevation scheme is flexible. This embodiment also assigns special security attributes to the service framework program, so that its process carries those special security attributes when it runs; the mandatory access control system uses them to limit the privileged service framework's permissions so that it can only set the security attributes of derived child processes, execute privileged programs present in the configuration file, and communicate via inter-process communication with the C/S client and the password verification module. All other operations are restricted.
In this embodiment, special security attributes are assigned both to the configuration file storing the associations between privileged programs and administrator roles and to the service framework process in the C/S model, so that privileged programs and the privileged service framework process all run within a confined scope, implementing the principle of least privilege and the principle of separation of duties.
Figure 3 shows the specific flow of step 2) in the C/S model of this embodiment. When an ordinary user issues a request for a privileged service, the client intercepts the request and, on receiving it, sends information to the privileged service framework on the server; the information includes the user information, the target privileged program and the administrator role associated with the target privileged program. On receiving the client's information, the server's privileged service framework calls the password verification module to verify the identity of the user who issued the request and determine whether the user is authorized. If the user is successfully authorized, the user role is switched: the privileged service framework derives a child process and sets its security attributes so that they inherit those of the administrator role associated with the target privileged program, then executes the target privileged program through the child process. If the user is not successfully authorized, the flow returns to user authentication.
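As an added example (not the patent's own code), the following Python model shows the decision logic of steps 2) and 3) in the C/S flow described above: the client resolves the administrator role from the read-only configuration, and the server re-checks the client's program/role pair against the configuration (since only programs listed there may be run), authenticates the user through a supplied password-verification callback, and derives the child's security attribute from the role. The configuration format, program paths, role names, attribute labels and the `authenticate` callback are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed configuration (assumption): one line per privileged program,
# "program administrator-role". The client holds read-only permission on
# this file; only the security administrator role may edit it.
CONFIG_TEXT = """\
/usr/sbin/useradd         system_admin
/usr/sbin/auditctl        audit_admin
/usr/bin/mac_policy_edit  security_admin
"""
# Security attribute (MAC label) each administrator role runs with (assumed).
ROLE_ATTRS = {"system_admin": "sysadm_t",
              "audit_admin": "auditadm_t",
              "security_admin": "secadm_t"}

def parse_config(text):
    """Return {program: role} from the configuration text."""
    mapping = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            program, role = line.split()
            mapping[program] = role
    return mapping

@dataclass
class Request:        # what the client sends to the server over IPC
    user: str
    program: str
    role: str
    env: dict

def client_build_request(user, program, env, config):
    """Step 2): resolve the role for the target program from the config."""
    if program not in config:
        return None   # not a privileged program, nothing to elevate
    return Request(user, program, config[program], dict(env))

def server_handle(req, config, authenticate):
    """Step 3): authenticate, then derive a child carrying the role's attribute.
    The framework may only run programs listed in the configuration, so the
    client-supplied program/role pair is re-checked rather than trusted."""
    if config.get(req.program) != req.role or req.role not in ROLE_ATTRS:
        return ("denied", None)
    if not authenticate(req.user):   # password verification module via IPC
        return ("denied", None)
    child = {"user": req.user, "exec": req.program,
             "security_attr": ROLE_ATTRS[req.role], "env": req.env}
    return ("allowed", child)
```

A real service framework would fork at the "allowed" branch, apply `security_attr` to the child and exec the program; the dictionary stands in for those child attributes here.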
The above are only preferred embodiments of the present invention and do not limit the present invention in any way. Although the present invention has been disclosed above by way of preferred embodiments, these are not intended to limit it. Any person skilled in the art may, without departing from the scope of the technical solution of the present invention, use the technical content disclosed above to make many possible changes and modifications to the technical solution of the present invention, or modify it into equivalent embodiments with equivalent changes. Therefore, any simple modification, equivalent change or modification made to the above embodiments in accordance with the technical essence of the present invention, without departing from the content of the technical solution of the present invention, shall fall within the protection scope of the technical solution of the present invention.
Claims (6)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410257094.0A CN104036166B (en) | 2014-06-11 | 2014-06-11 | The user of forced symmetric centralization is supported to put forward power method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104036166A CN104036166A (en) | 2014-09-10 |
| CN104036166B true CN104036166B (en) | 2017-12-15 |
Family
ID=51466934
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410257094.0A Active CN104036166B (en) | 2014-06-11 | 2014-06-11 | The user of forced symmetric centralization is supported to put forward power method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104036166B (en) |
Families Citing this family (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104392159B (en) * | 2014-12-17 | 2018-02-06 | 中国人民解放军国防科学技术大学 | A kind of user for supporting least privilege authorization method on demand |
| CN106295319B (en) * | 2016-08-02 | 2019-07-19 | 中标软件有限公司 | Operating system safety protecting method |
| CN106650500B (en) * | 2016-12-28 | 2020-04-14 | 广州杰赛科技股份有限公司 | Method and system for modifying user rights |
| CN107172053A (en) * | 2017-05-26 | 2017-09-15 | 河南职业技术学院 | The method of controlling security and safety control of computer |
| CN111475783B (en) * | 2019-01-24 | 2024-02-27 | 阿里巴巴集团控股有限公司 | Data detection method, system and equipment |
| CN110046205B (en) * | 2019-04-22 | 2021-04-09 | 瀚高基础软件股份有限公司 | Relational database row security access control method and system |
| CN111381903B (en) * | 2020-03-18 | 2023-05-26 | 支付宝(杭州)信息技术有限公司 | Program running method, device, equipment and medium |
| CN112464213B (en) * | 2020-11-18 | 2022-07-08 | 苏州浪潮智能科技有限公司 | Operating system access control method, device, equipment and storage medium |
| CN112751867B (en) * | 2020-12-31 | 2022-07-05 | 南京航空航天大学 | Access control authorization method based on logic unit and trust evaluation |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1885297A (en) * | 2006-06-02 | 2006-12-27 | 石杰 | Method for role-based access control model with precise access control strategy |
| CN102034052A (en) * | 2010-12-03 | 2011-04-27 | 北京工业大学 | Operation system architecture based on separation of permissions and implementation method thereof |
| CN102663321A (en) * | 2012-04-24 | 2012-09-12 | 百度在线网络技术(北京)有限公司 | Security enhancement system and method for software |
| CN103065100A (en) * | 2012-12-26 | 2013-04-24 | 中国人民解放军总参谋部第六十一研究所 | Container-based method of users to protect private data |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6023765A (en) * | 1996-12-06 | 2000-02-08 | The United States Of America As Represented By The Secretary Of Commerce | Implementation of role-based access control in multi-level secure systems |
Application history
- 2014-06-11: CN201410257094.0A (CN104036166B), status Active
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | C06 | Publication | |
| | PB01 | Publication | |
| | C10 | Entry into substantive examination | |
| | SE01 | Entry into force of request for substantive examination | |
| | GR01 | Patent grant | |