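Affiliations: [1] Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093 [2] University of Chinese Academy of Sciences, Beijing 100049
Source: Chinese Journal of Computers (《计算机学报》), 2017, No. 5, pp. 1057-1079, 23 pages
Funding: Supported by the National High Technology Research and Development Program of China ("863" Program) (2012AA01A401) and the National Science and Technology Major Project on Core Electronic Devices, High-end Generic Chips and Basic Software ("Hegaoji") (2013ZX01029003-001)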
Abstract: With the rapid development of network technology and the growing complexity of system functionality, systems increasingly need a trustworthy computing environment to guarantee the security, integrity and reliability of sensitive information. A system must protect not only the code of a sensitive application itself but also the isolation of its execution, so that the operations it performs and the results it produces cannot be attacked or stolen. Although system security research has made notable progress in recent years, attacks that compromise the system kernel still pose a serious threat. Such attacks can access sensitive system data, hide malicious behavior, escalate the privileges of malicious processes, change system behavior, and even take control of the whole system. Traditionally, system protection has been implemented with security mechanisms that run in the same address space and at the same privilege level as the kernel. This approach is not secure enough, because an attacker who succeeds in compromising the kernel can then compromise those security mechanisms as well. To achieve real protection of the kernel and critical data, the security mechanisms themselves should be isolated and protected, so building a trusted, isolated execution environment in the system is essential to system security. This paper first gives an overall survey of the various security isolation techniques, with in-depth analysis of their implementation mechanisms and system architectures. It then discusses the state of research on using security isolation techniques to solve system security problems, analyzes on that basis the strengths and weaknesses of each technique, and compares them. Finally, in light of the prominent problems currently facing the information security field, it looks ahead to the future development directions and application requirements of security isolation technology.
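Keywords: system architecture; trusted execution environment; system security; security isolation; virtualization technology
Classification: TP302 [Automation and Computer Technology - Computer System Architecture]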