| 基于Windows内核模式下进程监控的用户权限控制系统设计与实现 |
| |
| 引用本文: | 张涛,牛伟颖,孟正,梅瑞.基于Windows内核模式下进程监控的用户权限控制系统设计与实现[J].信息网络安全,2014(4):13-19. |
| |
| 作者姓名: | 张涛 牛伟颖 孟正 梅瑞 |
| |
| 作者单位: | 北京大学软件与微电子学院,北京100871 |
| |
| 基金项目: | 国家自然科学基金【61170282】 |
| |
| 摘 要: | 如何实现进程级别的访问控制仍是目前传统自主访问控制技术无法解决的问题。针对该问题,文章在深入研究Windows系统访问控制列表机制的基础上首次提出一种基于Windows内核模式下进程监控的系统访问控制方案,并给出了系统设计及关键技术的详细说明。该方案不仅解决了传统HOOK保护技术所面临的系统兼容性问题,而且将系统权限控制从账户权限控制细化到系统每一个进程的特定权限控制上,为Windows系统核心资源提供了更细颗粒度的自主访问控制。
|
| 关 键 词: | 进程权限控制 进程监控 自主访问控制 |
The Design and Implemention of Windows System Access Control based on Process Monitoring |
| |
| ZHANG Tao,NIU Wei-ying,MENG Zheng,MEI Rui.The Design and Implemention of Windows System Access Control based on Process Monitoring[J].Netinfo Security,2014(4):13-19. |
| |
| Authors: | ZHANG Tao NIU Wei-ying MENG Zheng MEI Rui |
| |
| Affiliation: | (School of Software&Microelectronics, Peking University, Beijing 100871, China) |
| |
| Abstract: | In order to solve the problem that traditional system access control technology can’t limit system’s privilege in process-level, a new solution to Windows system Discretionary Access Control with low cost is proposed. By using Windows kernel mode driver, a process monitoring system which adopts the system access token control technology is designed, the components and key technologies of it are given after a deep analysis of Windows Access Control List (ACL) mechanism. It not only solves the system compatibility issues that traditional HOOK API methods are facing, but also achieves the goal that different processes can be adjusted in different run-level of specified privileges, while providing very fine-grained discretionary access control. |
| |
| Keywords: | process access control process monitoring discretionary access control |
| 本文献已被 CNKI 维普 等数据库收录! |
