Abstract
Embedded operating systems based on the MILS architecture can securely isolate data of different classification levels between different application partitions. However, existing MILS-based embedded operating systems cannot meet the need for a task to be migrated correctly and securely after it fails at run time, and therefore cannot achieve task functional reconstruction and real-time dynamic loading. Therefore, based on an analysis of the advantages and shortcomings of existing MILS-based embedded operating systems, a task-oriented dynamic management architecture for multi-level security domains is proposed. The working principle of each functional module in the architecture is described in detail, so that tasks can be dynamically migrated and functionally reconstructed within a specific security domain.
Authors
GAO Sha-sha (高沙沙)
WANG Zhong-hua (王中华)
GAO Sha-sha; WANG Zhong-hua (Xi'an Aeronautics Computing Technique Research Institute, AVIC, Xi'an 710068, China; School of Computer Science and Technology, Xidian University, Xi'an 710071, China)
Source
Computer Science (《计算机科学》)
CSCD
PKU Core (北大核心)
2019, Issue S11, pp. 460-463 (4 pages)
Funding
Supported by the Equipment Development pre-research project (装发预研项目) (31511020202)
Keywords
Multi-level security domains
MILS
Functional reconstruction