基于GB-RBAC的嵌入式安全内核的设计与实现计算机科学与技术专业论文.docxVIP

Abstract With the development of embedded systems, more and more embedded systems have operating systems. However, the security of embedded operating systems has always been neglected, while there’re more and more attacks targeted on embedded systems. Therefore, security is indispensible to embedded operating systems. It is common to implement access control mechanisms in embedded operating systems as security enhancements. Access control mechanisms can be devided into DAC, MAC and RBAC. DAC(Discrete Access Control) allows the owner of resources to decide its own access rights, while MAC(Mandatory Access Control) judge each access request merely depending on security policies. RBAC is different from DAC and MAC, because its policy neutral, and it supports security criteria like least privileges and separation of duties(SoD), so it has been developed rapidly since 1992. In this thesis, RBAC(Role-Based Access Control) is introduced in details, and its advantages is pointed out. Then, Core RBAC is analysed, and disadvantages of this model is illustrated. The limitation of Core RBAC in practice is also pointed out. Considering these disadvantages, GB-RBAC model is introduced , and its advantages in practical Operating Systems is explained. This thesis brings up formal constraints onto GB-RBAC model: Mutually exclusive constraints on object group members, illegal operation sets, and forbidding identical roles. The thesis also implements this constraints-enhanced GB-RBAC model on Linux kernel adopting Static Separations of Duties(SSoD) on ARM platform. Mutually exclusive constraints on object group members restricts each object being assigned to only one object group, and this constraint explicitly specifies each objects access rights. Illegal operation sets guarantee the security creterion of Separation of Duties(SoD), and this constraint keeps roles out of excessive privileges, lest them destroy the system. Forbidding identical roles can avoid the existance of iden