원문정보
초록
영어
Nowadays, technologies of information security have been attached more and more importance to and it's a critical problem to take measures to ensure the reliability of related trustworthy software such as secure operating systems (SOSs). Thereafter, it's always necessary for such systems to be taken complete and rigorous security test and evaluation among development team and/or by third-party security certification organization. However, such software testing is usually time consuming, cost consuming and boresome and thus technologies of software testing automation have alluring application foreground in that field. In this paper, methods and technologies about how to test a SOS automatically are discussed in breadth and in depth at first. Then least privilege is studied and the corresponding modules of security enhancement are added to Linux based on Linux Kernel Modules (LKM). Finally, a prototype of automatic security testing as to such least privilege mechanism is implemented and the results are analyzed.
목차
1. Introduction
2. Automatization of security testing for secure operating systems
2.1. Extensions of security testing with varied automatic testing methods
2.2. Framework of whole automatic security testing platform for SOS
2.3.Modular design for system call testers
3. Security enhancement as to Linux based on least privilege
3.1. Least privilege mechanism
3.2. Architecture of the SOS prototype
3.3. Implementation of the SOS prototype
4. Automatic security testing of least privilege mechanisms
4.1. Analysis of testing target
4.2. Design and implementation of automatic security testing platform
4.3. Test and results
5. Summary
6. Acknowledgements
7. References