支持MLS的多层次嵌入式高可信软件架构

基金项目:

国家863计划(2007AA01Z131)

详细信息

Multi-Layered Trusted Architecture Supporting MLS for Embedded Systems

School of Computer Science and Engineering,University of Electronic Science and Technology of China Chengdu 610054

摘要: 为增强安全关键系统的高可信能力，在分析高可信保障机制现状的基础上，提出了一种多层次的高可信软件架构。该架构采用“时空分离”思想、虚拟机技术，为基于MLS的嵌入式安全关键系统提供了一种整体解决方案。基于该架构，研究了多层次的安全和防危策略管理方法、信息流控制机制、可信软件的评估和认证方法，为安全关键嵌入式系统提供可认证的安全服务。
- BLP安全模型 /
- 信息流控制 /
- 多级安全 /
- 安全关键系统 /
- 安全分离内核
Abstract: To improve the dependability of security/safety-critical systems, after analyzing status quo of high dependable safeguard mechanism, a multi-layered architecture based on the concept of separation and the VM is proposed, which supports applications with multi-level security. This paper researches multi-layered security/safety policy, the information flow control mechanism and the evaluation and certification for trusted software. This architecture can provide trustworthy services for the embedded security/safety-critical systems.
- BLP security model /
- information flow control /
- multi-level security /
- security/safety-critical systems /
- security separation kernel