Summary of the invention
In view of this, the present invention provides a SELinux-based boot-time security level selection method, apparatus and terminal device, in which the security level can be selected by the user, increasing the flexibility of security control.
Other features and advantages of the invention will become apparent from the following detailed description, or may be learned in part through practice of the invention.
According to one aspect of the invention, a SELinux-based boot-time security level selection method is provided, comprising: when the terminal device is started, displaying a security level display interface, the security level display interface including options corresponding to different security levels; receiving the user's selection among the different security levels; and, according to the user's selection among the different security levels, loading the corresponding pre-established SELinux policy file.
According to an embodiment of the invention, when the terminal device is started, the above method further comprises: measuring the integrity of the terminal device using a hardware-based trusted measurement mechanism; and displaying the security level display interface when the integrity measurement of the terminal device passes.
According to an embodiment of the invention, the security levels include a high security level, a common security level and a no-security level. At the high security level, only high-security applications are allowed to be used; the high-security applications include payment applications and encrypted phone calls. At the common security level, all applications are allowed to be used, subject to the corresponding SELinux policy file. At the no-security level, no SELinux policy file is loaded.
According to an embodiment of the invention, the trusted measurement mechanism is a trusted hardware measurement mechanism based on TrustZone technology.
According to an embodiment of the invention, the method is implemented in Systemd, the boot program of the terminal device's operating system.
According to another aspect of the invention, a SELinux-based boot-time security level selection apparatus is provided, comprising: an interface display module, configured to display a security level display interface when the terminal device is started, the security level display interface including options corresponding to different security levels; a selection receiving module, configured to receive the user's selection among the different security levels; and a policy loading module, configured to load the corresponding pre-established SELinux policy file according to the user's selection among the different security levels.
According to an embodiment of the invention, the above apparatus further comprises an integrity measurement module, configured to measure the integrity of the terminal device using a hardware-based trusted measurement mechanism when the terminal device is started; the interface display module is further configured to display the security level display interface when the integrity measurement of the terminal device passes.
According to an embodiment of the invention, the security levels include a high security level, a common security level and a no-security level. At the high security level, only high-security applications are allowed to be used; the high-security applications include payment applications and encrypted phone calls. At the common security level, all applications are allowed to be used, subject to the corresponding SELinux policy file. At the no-security level, no SELinux policy file is loaded.
According to an embodiment of the invention, the trusted measurement mechanism is a trusted hardware measurement mechanism based on TrustZone technology.
According to an embodiment of the invention, the apparatus is implemented in Systemd, the boot program of the terminal device's operating system.
According to a further aspect of the invention, a terminal device is provided, comprising: a processor; and a memory for storing instructions executable by the processor; wherein the processor is configured to perform the following operations by executing the executable instructions: when the terminal device is started, displaying a security level display interface, the security level display interface including options corresponding to different security levels; receiving the user's selection among the different security levels; and, according to the user's selection among the different security levels, loading the corresponding pre-established SELinux policy file.
With the SELinux-based boot-time security level selection method according to the invention, the user can select at power-on which security level to enter, so the device can adapt to different security environments, which increases the flexibility of SELinux mandatory access control.
In addition, according to some embodiments, the SELinux-based boot-time security level selection method of the invention further uses a hardware-based trusted measurement mechanism to measure the integrity of the terminal device. This ensures the security of the kernel and makes the method highly secure even if the operating system of the terminal device is modified using superuser privileges; that is, the operating system of the terminal device is not threatened by rooting.
It should be understood that the above general description and the following detailed description are merely exemplary and do not limit the invention.
Detailed description
Example embodiments are now described more fully with reference to the drawings. Example embodiments can, however, be implemented in many forms and should not be understood as limited to the examples set forth here; rather, these embodiments are provided so that the invention will be thorough and complete and will fully convey the concept of the example embodiments to those skilled in the art. The drawings are only schematic illustrations of the invention and are not necessarily drawn to scale. Identical reference numerals in the drawings denote identical or similar parts, so their description is not repeated.
Furthermore, the described features, structures or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, many specific details are given to provide a full understanding of the embodiments of the invention. Those skilled in the art will appreciate, however, that the technical solution of the invention can be practiced while omitting one or more of these specific details, or with other methods, components, devices, steps and so on. In other cases, well-known structures, methods, devices, implementations or operations are not shown or described in detail, so that they do not distract from and obscure aspects of the invention.
Fig. 1 is a flow chart of a SELinux-based boot-time security level selection method according to an exemplary embodiment. As shown in Fig. 1, the method 10 includes:
In step S102, when the terminal device is started, a security level display interface is displayed so that the user can select among different security levels.
The security level display interface includes options corresponding to the different security levels. The security levels may include, for example, a high security level, a common security level and a no-security level.
The security level display interface may show only the options for the different security levels, or it may also show help information about them. For example, when the user cannot decide which security level to select, selecting a help option can display the details of the different security levels, such as which functions/applications are allowed to run at the high security level, to assist the user in choosing.
In step S104, the user's selection among the different security levels is received.
The user's selection is determined and received by detecting the user's touch or press on the option for a security level.
In step S106, the corresponding pre-established SELinux policy file is loaded according to the user's selection among the different security levels.
SELinux is a policy-based security system. In its security policy, control over how subjects access objects is implemented by assigning labels. A subject can be any process running on the terminal device, and the objects are all the resources in the system, including file systems, directories, files, file descriptors, ports, message interfaces and network interfaces. Each process has its own label, and each object also has its own label. The SELinux security policy that has been written controls how a process label may access an object label, for example file access, reads and writes, and socket operations. For example, the policy can be configured to allow a process labeled A to read and write files labeled B, or to allow a process labeled C to perform socket communication with a message interface labeled D. When the terminal device is started, the SELinux policy file is loaded into the kernel, which enables SELinux mandatory access control from then on.
Different SELinux policy files can be prepared in advance for the different security levels; a SELinux policy file is, for example, a binary file. The high security level is for when the user needs a very secure state, for example when using a payment application, making an encrypted phone call, or entering a classified facility. In that state only the functions/applications corresponding to the payment application, the encrypted phone call or entering the classified facility are allowed, and all other functions/applications are prohibited. That is, at the high security level only high-security applications are allowed to be used; high-security applications include payment applications, encrypted phone calls and the like. This can be controlled by writing the SELinux policy. For functions/applications that are allowed, the policy file is configured to allow their processes to access the corresponding objects, for example by setting matching labels on the processes and objects as described above; for functions/applications that are not allowed, the policy file is configured so that their processes are not allowed to access the corresponding objects.
The common security level does not affect the user's normal use: for the functions/applications the user ordinarily uses, the corresponding mandatory access control is carried out through the policy file configuration, without forcibly disabling some functions/applications as the high security level does.
At the no-security level, no SELinux policy file need be loaded, so access by any function/application to the resources it needs in the system is not restricted by SELinux.
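The label matching described above, and the difference between a high-level and a common-level policy, shown as an added example in C that is not part of the original text. The type names (`payment_app_t`, `secure_dialer_t`, `browser_t` and their targets) and the rules are hypothetical; the rules are written in SELinux source syntax for readability, whereas the policy file loaded into the kernel is a compiled binary.

```c
/* Added example: miniature model of SELinux type-enforcement checks.
 * Type names and rules are hypothetical; real policy is a compiled binary. */
#include <stdio.h>
#include <string.h>
#define MAX_RULES 8
struct rule { char src[32], tgt[32], cls[32], perms[64]; };
struct policy { struct rule rules[MAX_RULES]; int count; };

/* Parse "allow SRC TGT:CLASS { perm ... };" and return 1 on success. */
static int parse_allow(const char *line, struct rule *out)
{
    return sscanf(line, " allow %31s %31[^:]:%31s { %63[^}] }",
                  out->src, out->tgt, out->cls, out->perms) == 4;
}

/* Load the first n source lines; -1 on a malformed line or overflow. */
static int policy_build(struct policy *p, const char *const *lines, int n)
{
    for (p->count = 0; p->count < n && p->count < MAX_RULES; p->count++)
        if (!parse_allow(lines[p->count], &p->rules[p->count]))
            return -1;
    return p->count == n ? 0 : -1;
}

/* Whole-word search for one permission in a list such as "read write". */
static int has_perm(const char *perms, const char *want)
{
    size_t n = strlen(want);
    for (const char *s = perms; n && (s = strstr(s, want)) != NULL; s += n) {
        if ((s == perms || s[-1] == ' ') && (s[n] == '\0' || s[n] == ' '))
            return 1;
    }
    return 0;
}

/* Default deny: access is granted only when an allow rule matches. */
static int policy_allows(const struct policy *p, const char *src,
                         const char *tgt, const char *cls, const char *perm)
{
    for (int i = 0; i < p->count; i++) {
        const struct rule *r = &p->rules[i];
        if (!strcmp(r->src, src) && !strcmp(r->tgt, tgt) &&
            !strcmp(r->cls, cls) && has_perm(r->perms, perm))
            return 1;
    }
    return 0;
}

/* Constructed rules: high level = first two, common level = all three. */
static const char *const RULES[] = {
    "allow payment_app_t payment_data_t:file { read write };",
    "allow secure_dialer_t modem_sock_t:unix_stream_socket { connectto };",
    "allow browser_t browser_data_t:file { read write };",
};

int main(void)
{
    struct policy high, common;
    if (policy_build(&high, RULES, 2) || policy_build(&common, RULES, 3))
        return 1;
    printf("browser write: high=%d common=%d\n",
           policy_allows(&high, "browser_t", "browser_data_t", "file", "write"),
           policy_allows(&common, "browser_t", "browser_data_t", "file", "write"));
    return 0;
}
```

Because the check is default deny, the high-level policy excludes the browser simply by containing no rule for its label.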
In some embodiments, the above method can be implemented in the Systemd boot program. Systemd is a startup mechanism for the Linux operating system that can speed up the startup of a Linux system.
With the SELinux-based boot-time security level selection method of this embodiment, the user can select at power-on which security level to enter, so the device can adapt to different security environments, which increases the flexibility of SELinux mandatory access control.
It should be clearly understood that this disclosure describes how to make and use particular examples, but the principles of the invention are not limited to any details of these examples. Rather, based on the teaching of this disclosure, these principles can be applied to many other embodiments.
Fig. 2 is a flow chart of another SELinux-based boot-time security level selection method according to an exemplary embodiment. As shown in Fig. 2, the method 20 includes:
In step S202, when the terminal device is started, the integrity of the terminal device is measured using a hardware-based trusted measurement mechanism, to guarantee the security of the kernel.
The SELinux policy file must be loaded into the system kernel to be used, so guaranteeing kernel security further improves the security of the SELinux security mechanism.
The trusted measurement mechanism can, for example, be based on TrustZone technology. TrustZone is a hardware architecture proposed by ARM for the security of electronic devices. The architecture extends the security system throughout the whole system design, with the goal of guarding against the various threats an electronic device may face.
The key to TrustZone technology is the introduction of a trusted execution environment and a normal execution environment: the trusted execution environment is isolated from the normal one and is established by a trusted boot. Trusted boot initializes the operating system of the trusted execution environment before the operating system of the normal execution environment is started. After that, trusted applications such as authentication, key and password management can be configured to run in the trusted execution environment.
With TrustZone trusted boot, the terminal device is reset into the secure environment, starts from immutable hardware by way of read-only memory, and accesses trusted hardware resources (such as a hardware unique key, random number generator, counters, timers and trusted memory). The carefully designed and verified trusted boot flow of TrustZone technology is the basis for ensuring device integrity. The operating system of the trusted execution environment, started earlier as part of the trusted boot flow, can then boot the operating system of the normal execution environment.
In step S204, when the integrity measurement passes, the security level display interface is displayed so that the user can select among different security levels.
The security levels may include, for example, a high security level, a common security level and a no-security level.
In step S206, the user's selection among the different security levels is received.
In step S208, the corresponding pre-established SELinux policy file is loaded according to the user's selection among the different security levels.
Note that steps S204 to S208 in this embodiment are the same as steps S102 to S106 in method 10 and are not described again here.
The SELinux-based boot-time security level selection method of this embodiment further uses a hardware-based trusted measurement mechanism to measure the integrity of the terminal device. This ensures the security of the kernel and makes the method highly secure even if the operating system of the terminal device is modified using superuser privileges; that is, the operating system of the terminal device is not threatened by rooting.
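The flow of steps S202 to S208 as decision logic, an added example in C that is not part of the original text. It assumes the integrity measurement yields a 32-byte digest compared against a reference value, that the policy file paths are placeholders, and that a failed measurement, an unknown level or a failed policy load stops the boot instead of continuing without a policy; the text itself specifies none of these.

```c
/* Added example: decision logic for the boot flow S202 -> S208.
 * Paths, the 32-byte digest and the loader callback are assumptions. */
#include <stddef.h>
#include <stdio.h>

enum sec_level { LEVEL_HIGH = 1, LEVEL_COMMON = 2, LEVEL_NONE = 3 };
enum boot_result { BOOT_REFUSED_INTEGRITY, BOOT_REFUSED_BAD_LEVEL,
                   BOOT_REFUSED_LOAD_FAILED, BOOT_POLICY_LOADED,
                   BOOT_NO_POLICY };

#define DIGEST_LEN 32
/* On a device this would read the file and pass it to the kernel. */
typedef int (*policy_loader)(const char *path);

/* S202: compare the measured digest with the reference in constant time. */
static int digest_matches(const unsigned char *measured,
                          const unsigned char *reference)
{
    unsigned char diff = 0;
    for (size_t i = 0; i < DIGEST_LEN; i++)
        diff |= (unsigned char)(measured[i] ^ reference[i]);
    return diff == 0;
}

/* Policy file prepared for a level; NULL for "none" or an unknown value. */
static const char *policy_path_for(int level)
{
    switch (level) {
    case LEVEL_HIGH:   return "/etc/selinux/levels/high/policy.bin";
    case LEVEL_COMMON: return "/etc/selinux/levels/common/policy.bin";
    default:           return NULL;
    }
}

static enum boot_result boot_select(const unsigned char *measured,
                                    const unsigned char *reference,
                                    int level, policy_loader load)
{
    const char *path;
    if (!digest_matches(measured, reference))
        return BOOT_REFUSED_INTEGRITY;    /* the menu (S204) is never shown */
    if (level == LEVEL_NONE)
        return BOOT_NO_POLICY;            /* no policy file is loaded */
    path = policy_path_for(level);        /* S208 */
    if (path == NULL)
        return BOOT_REFUSED_BAD_LEVEL;    /* reject values outside the menu */
    if (load(path) != 0)
        return BOOT_REFUSED_LOAD_FAILED;  /* fail closed, no silent downgrade */
    return BOOT_POLICY_LOADED;
}

/* Constructed stand-ins for the real loader. */
static const char *last_loaded = NULL;
static int ok_loader(const char *path) { last_loaded = path; return 0; }
static int failing_loader(const char *path) { (void)path; return -1; }

int main(void)
{
    unsigned char ref[DIGEST_LEN] = {0}, tampered[DIGEST_LEN] = {0};
    tampered[0] = 1;                      /* constructed mismatch */
    printf("%d\n", boot_select(ref, ref, LEVEL_HIGH, ok_loader));
    printf("%d\n", boot_select(tampered, ref, LEVEL_HIGH, ok_loader));
    printf("%d\n", boot_select(ref, ref, LEVEL_COMMON, failing_loader));
    return 0;
}
```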
Those skilled in the art will understand that all or some of the steps of the above embodiments may be implemented as a computer program executed by a CPU. When the computer program is executed by the CPU, it performs the functions defined by the above method provided by the invention. The program can be stored in a computer-readable storage medium, which can be a read-only memory, a magnetic disk, an optical disc or the like.
It should further be noted that the above drawings are only schematic illustrations of the processing included in methods according to exemplary embodiments of the invention and are not intended to be limiting. It is easy to understand that the processing shown in the drawings does not indicate or limit the temporal order of these processes. It is also easy to understand that these processes may be executed, for example, synchronously or asynchronously in multiple modules.
The following are apparatus embodiments of the invention, which can be used to carry out the method embodiments of the invention. For details not disclosed in the apparatus embodiments, refer to the method embodiments.
Fig. 3 is a block diagram of a SELinux-based boot-time security level selection apparatus according to an exemplary embodiment. As shown in Fig. 3, the apparatus 30 includes an interface display module 302, a selection receiving module 304 and a policy loading module 306.
The interface display module 302 is configured to display a security level display interface when the terminal device is started; the security level display interface includes options corresponding to different security levels.
In some embodiments, the security levels include a high security level, a common security level and a no-security level. At the high security level, only high-security applications are allowed to be used; the high-security applications include payment applications and encrypted phone calls. At the common security level, all applications are allowed to be used, subject to the corresponding SELinux policy file. At the no-security level, no SELinux policy file is loaded.
The selection receiving module 304 is configured to receive the user's selection among the different security levels.
The policy loading module 306 is configured to load the corresponding pre-established SELinux policy file according to the user's selection among the different security levels.
In some embodiments, the apparatus is implemented in Systemd, the boot program of the terminal device's operating system.
With the SELinux-based boot-time security level selection apparatus of this embodiment, the user can select at power-on which security level to enter, so the device can adapt to different security environments, which increases the flexibility of SELinux mandatory access control.
Fig. 4 is a block diagram of another SELinux-based boot-time security level selection apparatus according to an exemplary embodiment. As shown in Fig. 4, the apparatus 40 includes an interface display module 402, a selection receiving module 404, a policy loading module 406 and an integrity measurement module 408.
The integrity measurement module 408 is configured to measure the integrity of the terminal device using a hardware-based trusted measurement mechanism when the terminal device is started.
In some embodiments, the trusted measurement mechanism is a trusted hardware measurement mechanism based on TrustZone technology.
The interface display module 402 is configured to display the security level display interface when the integrity measurement of the terminal device passes.
The selection receiving module 404 is configured to receive the user's selection among the different security levels.
In some embodiments, the security levels include a high security level, a common security level and a no-security level. At the high security level, only high-security applications are allowed to be used; the high-security applications include payment applications and encrypted phone calls. At the common security level, all applications are allowed to be used, subject to the corresponding SELinux policy file. At the no-security level, no SELinux policy file is loaded.
The policy loading module 406 is configured to load the corresponding pre-established SELinux policy file according to the user's selection among the different security levels.
In some embodiments, the apparatus is implemented in Systemd, the boot program of the terminal device's operating system.
The SELinux-based boot-time security level selection apparatus of this embodiment further uses a hardware-based trusted measurement mechanism to measure the integrity of the terminal device. This ensures the security of the kernel and makes the boot-time security level selection method highly secure even if the operating system of the terminal device is modified using superuser privileges; that is, the operating system of the terminal device is not threatened by rooting.
Note that the blocks shown in the above drawings are functional entities and do not necessarily correspond to physically or logically independent entities. These functional entities can be implemented in software, in one or more hardware modules or integrated circuits, or in different networks and/or processor devices and/or microcontroller devices.
From the above description of the embodiments, those skilled in the art will readily understand that the example embodiments described here can be implemented in software, or in software combined with the necessary hardware. The technical solution according to embodiments of the invention can therefore be embodied as a software product, which can be stored on a non-volatile storage medium (a CD-ROM, USB flash drive, removable hard disk, etc.) or on a network, and which includes instructions that cause a computing device (a personal computer, server, mobile terminal, network device, etc.) to execute the method according to embodiments of the invention.
Exemplary embodiments of the invention have been particularly shown and described above. It should be understood that the invention is not limited to the detailed structures, arrangements or implementation methods described here; rather, the invention is intended to cover the various modifications and equivalent arrangements included within the spirit and scope of the appended claims.