第八章国外知名安全操作系统介绍.ppt

安全操作系统 中国科学技术大学计算机系 陈香兰（0512 xlanchen@ 助教：裴建国 Autumn 2008 第八章 国外知名安全操作系统介绍 SE-Linux介绍 EROS介绍 Introduction to SE-Linux Reference Book SELinuxNSAs Open Source Security Enhanced Linux By Bill McCarty October 2004 Pages: 254 声明 本部分内容参考了网上搜索到的多个ppt David Quigley关于SELinux的ppt《 Security Enhanced Linux》 Kenduest Lee（小州）的《SELinux入门初探》 主要内容 Definition History Concepts Architecture SELinux Policy Language Userspace 实现 使用 主要内容 Definition History Concepts Architecture SELinux Policy Language Userspace 实现 使用 Wikipedia says: Security-Enhanced Linux (SELinux) is a Linux feature that provides a variety of security policies, including U.S. Department of Defense style mandatory access controls, through the use of Linux Security Modules (LSM) in the Linux kernel. It is not a Linux distribution, but rather a set of modifications that can be applied to Unix-like operating systems, such as Linux and BSD. … Primarily developed by the US National Security Agency … 运行示意图 主要内容 Definition History Concepts Architecture SELinux Policy Language Userspace 实现 使用 SELinux Timeline 1985: LOCK (early Type Enforcement) 1990: DTMach / DTOS 1995: Utah Fluke / Flask 1999: 2.2 Linux Kernel (patch) 2000: 2001: 2.4 Linux Kernel (patch) 2002: LSM 2003: 2.6 Linux Kernel (mainline) 2006: Full network labeling Present 主要内容 Definition History Concepts Architecture SELinux Policy Language Userspace 实现 使用 Concepts Basic security models TE RBAC MLS Basic elements Subjects process that are requesting access to an object Objects items in a system that are acted upon (files, IPC, sockets, etc….) Actions SELinux中对上述几种安全模型的实现 All Objects and Subjects contain a security context Security Context(s) are composed of four parts 观察linux-2.6.26\security\selinux\ss\context.h中关于安全上下文的定义 Security context，安全上下文 Three security attribute User identity：与主体或客体相关联的用户id 对一个主体，即进程而言，代表了该进程运行所处的账户上下文 对一个客体，表明该客体的拥有者 注意：与Linux自主访问控制中的UID，是不同的两套概念 Role Type Role：a set of permission a user can be granted 在任意时刻，用户只能处于一个