摘要
目前,能够使用的安全操作系统模型较多,主要包括SELinux、App AHnor安全模型等,针对上述强制性访问控制模型有所差异.美国安全局发布集成在Linux内核中访问SELinux控制机制,SELinux借助RBAC模型、TE模型对主体和客体设计合理的安全策略,合理解决自主访问控制脆弱性不灵活性等问题.以Apache服务器为例介绍SELinux的安全模型,深入研究SELinux体系结构、安全模型等内容,表述SELinux如何增加系统策略的灵活性,从而确保通用操作系统的安全.
At present, there are many security operating system models that can be used, inclu- ding SELinux, AppAHnor security model and so on, but the mandatory access control model is different. National Security Agency (NSA) release integrated access to SELinux control mecha- nism in the Linux kernel, SELinux designs a reasonable security strategy for the main body and the object with the help of RBAC model and TE model, therefore the problems of vulnerability and inflexibility of the independent access control are reasonably solved. In this paper, the A- pache Server is took as an example to introduce the security model of SELinux, The paper deeply studies the SELinux system structure, security model and so on, and expresses the SELinux how to increase the flexibility of the system policy. Eventually, the security of the gen- eral operating system is ensured.
出处
《西安文理学院学报(自然科学版)》
2016年第5期44-47,共4页
Journal of Xi’an University(Natural Science Edition)
基金
安徽省高校自然科学基金项目:"企业Linux服务器的安全应用研究"(KJ2016A382)
