检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]国防科学技术大学计算机学院。湖南长沙410073
出 处:《计算机工程与科学》2011年第6期21-25,共5页Computer Engineering & Science
基 金:国家863计划资助项目(2007AA01Z461)
摘 要:可信路径为用户提供一种途径来鉴别系统,确认所交互的系统没有被篡改,从而防止特洛伊木马之类的恶意代码窃取口令或截取会话。本论针对Unix类操作系统提出了一种可信路径的完整设计,它包括可信登录和可信会话两部分,每一部分又分为控制台界面和图形界面两种情形。本文还从可信路径角度把系统划分为四个状态,并描述了它们之间的转换关系,而安全注意键则是导致状态转换的操作。基于这些转换关系可以更加容易把设计映射到实际的系统。最后,基于FreeBSD操作系统实现了安全注意键以唤醒用户与系统之间的可信路径。通过可信路径,FreeBSD能够为用户提供一个更加安全的操作环境。The trusted path provides a way for users to authenticate computer systems so that they are assured the systems are not tampered and malicious code such as Trojan Horses couldn't steal their passwords or intercept their sessions.The paper first puts forward a complete design of trusted paths,which aims at Unix-like operating systems and consists of two parts: trusted login and trusted session,and both parts should handle the situations of console interface and graphical interface respectively.And also in accordance with the trusted path,an operating system is divided into four states and a secure attention key will lead to state transitions.With the relation of these states,the design can be more easily mapped into real operating systems.And then the paper gives an implementation through a secure attention key which invokes a trusted path between the user and the system in the FreeBSD operating system.With the trusted paths,FreeBSD can provide a much more secure operating environment for its users.
关 键 词:可信路径 安全注意键 可信会话控制台 Unix类操作系统
分 类 号:TP309[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:3.133.122.83