Popis: |
The current operating system security is mainly achieved by controlling the access to the operating system, which cannot effectively ensure the kernel security and leads to a large amount of data redundancy in the system kernel due to the need to review and other judgments on all access operations in turn. To address these problems, we study the kernel security of operating systems based on the mandatory behavior control mechanism (MBC). Partition management of the kernel is achieved by partitioning the system kernel for isolation and setting inter-partition communication. The kernel functions are divided into three parts: security detection, storage management, and read management, to facilitate modular kernel management. After building the framework of the control The comparative experimental data show that the OS kernel data redundancy ratio is less than 13% and has good security when applying this OS security scheme. |