Research on High Secure Computing Platform Architecture Based on Multi-kernel and Multi-domain Security Extended Level by Level

doi:10.3969/j.issn.1671-1122.2015.09.056

Abstract

Abstract:

This paper analyzed the reality of computing platform and the threats, aiming at the requirements of homemade and threat computing software and hardware platform, high security level, and security trusted, used secure hardware platform, secure kernel firmware, secure domain three level framework, put forward the high secure computing platform architecture based on multi-kernel and multi-domain security extended level by level. The architecture uses trust computing, security and virtualized technology, realizes embed trust root, combine several secure mechanisms, overcomes the limitations of original computing platform architecture, and promotes the safety of high secure computing platform comprehensively.

Key words: security extended level by level, high security, computing platform, architecture

CLC Number:

TP309

Zhi-yin KONG, Xian-yong GUO, Lun-wei WANG. Research on High Secure Computing Platform Architecture Based on Multi-kernel and Multi-domain Security Extended Level by Level[J]. Netinfo Security, 2015, 15(9): 253-256.

Figures/Tables 3

References 14

[1]	王小山,杨安,石志强,等. 工业控制系统信息安全新趋势[J]. 信息网络安全,2015,(1):6-11.
[2]	ESD-TR-73-278 Electronic Systems Division[S]. USA: Air Force Systems Command, 1973.
[3]	90CH2884-5 IEEE Computer Society Symposium on Research in Security and Privacy[S]. USA: IEEE, 1990.
[4]	翟桂锋,曾庆凯. Flask结构对象管理器的通用设计与实现[J]. 中国电子商情:通信市场,2010,(3):95-98.
[5]	LOSCOCCO P. SMALLEY S. Meeting Critical Security Objectives with Security-Enhanced Linux[EB/OL]. .
[6]	张毅,王伟,王刘程,等. 一种基于可信计算技术的源代码安全审查模型[J]. 信息网络安全,2014,(10):1-6.
[7]	马林立. 外军网电空间战—现状与发展[M]. 北京:国防工业出版社,2012.
[8]	李海威,范博,李文锋. 一种可信虚拟平台构建方法的研究和改进[J]. 信息网络安全,2015,(1):1-5.
[9]	虚拟化与云计算小组. 虚拟化与云计算[M]. 北京:电子工业出版社,2009.
[10]	LOSCOCCO P, SMALLEY S.Integrating Flexible Support for Security Policies into the Linux Operating System[C]//Proceedings of the FREENIX Track: 2001 USENIX Annual Technical ConferenceUSENIX Association, 2001: 64-72.
[11]	卿斯汉,曾山松,杜超. Windows安全基线研究[J]. 信息网络安全,2015,(3):6-13.
[12]	刘建伟,程东旭,李妍. 移动终端高安全可信计算平台架构[J]. 中兴通讯技术,2015,(3):11-15.
[13]	杜振龙,沙光侠,李晓丽,等. MIPS架构计算机平台的支持固件研究[J]. 兰州理工大学学报,2013,39(5):94-99.
[14]	张红旗,刘江,代向东,等. 一种多级跨域访问控制管理模型[J]. 信息网络安全,2014,(2):1-6.