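Network-Structured High-Security Operating System: Design and Implementation of a Secure Switching Mechanism Between the Local and Network Subsystems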
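Abstract
Network security problems are growing ever more severe, and traditional approaches can no longer meet the growing needs they create. The single-CPU dual-bus secure computer architecture (sCPU-dBUS) safeguards the security of a computer system by changing the computer architecture itself. It contains a single CPU resource and two independent high-speed system buses, a local bus and a network bus; the CPU is connected to the main bus, and a bus bridge controls the connection and disconnection of the CPU to the local bus and the network bus. Our research group independently developed NetOS-I, a network-structured secure operating system based on the sCPU-dBUS architecture. It has two independent operating-system sub-kernels, which run in the local subsystem and the network subsystem respectively.
     For the two sub-kernels to share the CPU sensibly, with CPU time slices allocated and managed effectively, a system-switching mechanism is needed to guarantee real-time switching. To protect the security of the system, an effective security mechanism is also needed to secure the switching itself. The inter-subsystem secure switching mechanism designed in this thesis realizes secure system switching.
     This thesis first gives the overall design of the inter-subsystem secure switching mechanism: (1) the network management processes in the two subsystems serve as the control hub of the switching mechanism and receive system-switching requests from both subsystems; (2) system switching has two trigger modes, hard switching and soft switching, used respectively for switching under user control and switching during data transfer. Once the user presses a key or enters a command, the corresponding switch is performed; (3) the clock interrupt handler serves as the entry and exit point of system switching, so that switching happens in real time.
     Next, the thesis designs and implements the security mechanism for system switching. The design uses a dual safeguard, command encryption and a password appended to the command, to secure system switching. RSA, from the public-key cryptosystems, is adopted as the algorithm for command encryption; MD5 is adopted as the encryption algorithm for the command-appended password method; signals and pipes are adopted for communication and data transfer between the process requesting a switch and the network management process.
     In addition, the thesis designs and implements the initialization of the network management process. Finally, the implemented inter-subsystem secure switching mechanism was tested on the secure-architecture intelligent network terminal mainboard developed by our research group, and the test results were analyzed. The results show that secure system switching can be carried out smoothly.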
Network security problems have become so serious that existing methods can no longer meet the need. The sCPU-dBUS security computer architecture is designed to protect system security by changing the computer's architecture. It has one CPU and two fast sub-buses, called the local bus and the network bus. The CPU is connected to the main bus, and a bus bridge controls the connections between the main bus and the two sub-buses. NetOS-I was developed independently by our research group on the sCPU-dBUS architecture. It has two independent OS sub-kernels running separately in the two sub-areas.
     To make sure the two sub-systems can share the CPU reasonably and CPU time slices can be distributed effectively, there should be a system-switching mechanism to realize real-time switching. In addition, a security scheme should be realized for safe system switching. The system-switching mechanism designed in this thesis implements safe system switching between the sub-systems.
     In this thesis, the overall design of the system-switching mechanism is given first: (1) The network management processes are designed as the control hub of the system-switching mechanism; they take system-switching requests from the two sub-systems. (2) The trigger of system switching is designed as a hardware trigger and an instruction trigger for two situations: switching under the user's control and switching during data transfer. When the user triggers a switch, the corresponding switching occurs. (3) The entrance and exit of system switching are designed to be the clock interrupt handler in order to realize real-time switching.
     Then, a security assurance scheme is designed and implemented. We adopted a double safeguard mechanism, instruction encryption and instruction with password, to ensure the security of system switching. In the scheme, RSA, a public-key encryption algorithm, is adopted for instruction encryption, and MD5 is adopted for the instruction-with-password method. Signals and pipes are adopted as the communication method between the network management process and the process requesting a system switch. In addition, initialization of the network management process is designed and implemented. Finally, the system-switching mechanism is tested on the motherboard of a network computer adopting the sCPU-dBUS architecture. The results show that the system can be switched safely.
