计算机技术与发展2017,Vol.27Issue(5):113-119,7.DOI:10.3969/j.issn.1673-629X.2017.05.024
操作系统客体重用安全的研究
Investigation on Object Reuse Security in Operating System
摘要
Abstract
Object resources,such as memory and disk,could be repeatedly used by different subject when system running.When object resources are released by previous subject and allocated for next subject,the residual information in the object by previous subject will be possibly acquired by next subject,which can cause information leakage.For the requirement of object reuse and residual information protection in secure Operating System (OS),analysis on the potential security risks while object reusing in OS have been conducted and a secure object reuse method with Linux OS has been presented.By monitoring memory page and disk space operation in Linux kernel,the events of memory page allocation and disk space release would be captured,and then allocated memory page would be zeroed and released disk space would be securely erased based on user configuration,which can ensure that residual information in object has certainly been cleared before object reuse.Test results verify that this method not only transparently implements secure object reuse,but also has little performance loss.So it does not affect normal system usage when using this method.关键词
安全操作系统/客体重用/信息泄露/剩余信息保护/安全擦除Key words
secure OS/object reuse/information leakage/residual information protection/secure erase分类
信息技术与安全科学引用本文复制引用
黄益彬,郑卫波,宋子锋..操作系统客体重用安全的研究[J].计算机技术与发展,2017,27(5):113-119,7.基金项目
江苏省工业和信息产业转型升级专项项目(2015SJXKJ5038) (2015SJXKJ5038)
国网电力科学研究计划(5246DR150002) (5246DR150002)
