摘要
安全审计是保障计算机系统本地安全和网络安全的重要技术,通过对审计信息的分析可以为计算机系统的脆弱性评估、责任认定、损失评估、系统恢复提供关键性信息.为了满足各类应用对Linux平台安全性的要求,Linus Torvalds提出了轻量级、通用的访问控制框架LSM.据此,利用LSM框架提供的安全模块可装载性和编程接口,实现了细粒度、可移植、高安全性的安全审计系统.
The security audit system is effective for both the host security and network security; it should be an ongoing process but not be a one - time shot. On top, security is a delicate balance among protection, availability and User acceptance. An audit trail is a series of records of computer events, about an operating system, an application, or user activities. It is generated by an auditing system that monitors system activity. By analyzing the audit trails, we can determine vulnerabilities, establish accountability, assess damage and recover the system. Linux security modules (LSM) is a lightweight, general purpose, access control framework for the mainstream Linux kernel. Base on the general purpose framework provides by Linux security modules, a portable, loadable, finer -grained security audit system was designed and implemented.
出处
《福州大学学报(自然科学版)》
CAS
CSCD
北大核心
2008年第2期203-207,共5页
Journal of Fuzhou University(Natural Science Edition)
基金
福建省教育厅科研资助项目(JA07028)
