检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:陈昊[1] 罗蕾[1] 李允[1] 陈丽蓉[1] Chen Hao;Luo Lei;Li Yun;Chen Lirong(School of Computer Science&Engineering,University of Electronic Science&Technology of China,Chengdu 611731,China)
机构地区:[1]电子科技大学计算机科学与工程学院,成都611731
出 处:《计算机应用研究》2018年第4期1142-1149,共8页Application Research of Computers
基 金:国家"十二五"核高基重大专项资助项目(2009ZX01038-002-003)
摘 要:驱动程序对系统安全性和稳定性起着至关重要的作用,但由于其复杂和多样性,导致难以成为操作系统的可信模块。近期研究表明,在用户空间内执行驱动程序,可提高系统稳定性并降低开发难度,但对系统产生了潜在的安全威胁。为此,从限制驱动程序可能的行为出发,对面向安全的轻量级通用用户态驱动框架进行了研究,通过内核态驱动命令解释器与安全策略检查相结合的手段,确保驱动模块的安全性与隔离性。通过实验测量框架对系统产生一定负载,但不会对系统的正常运行产生明显影响。Device drivers play critical roles in overall security and reliability of an operating system.However,the complexity and variety make them unexpected to be trusted.Recent efforts have demonstrated that running device drivers in the user-space will improve the system reliability and reduce the difficulty of driver development.However,it also brings in potential threats.This paper presented a general lightweight user-level driver framework dedicated to security purpose.The framework restricted the possible behaviors of a driver in a secure boundary by integrating security strategies into a kernel-level command interpre-ter,and thus,ensured the security and isolation of device drivers.The evaluation shows that minor overhead will imposed to the system when compares to the kernel-level device drivers,and this overhead does not make a significant impact to the system performance.
关 键 词:用户态驱动 安全性 操作系统 页表 驱动命令解释器 中断
分 类 号:TP311.5[自动化与计算机技术—计算机软件与理论]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:3.133.59.209