CN106453413A - 在多系统中应用SELinux安全策略的方法及装置 - Google Patents
在多系统中应用SELinux安全策略的方法及装置 Download PDFInfo
- Publication number
- CN106453413A CN106453413A CN201611075613.7A CN201611075613A CN106453413A CN 106453413 A CN106453413 A CN 106453413A CN 201611075613 A CN201611075613 A CN 201611075613A CN 106453413 A CN106453413 A CN 106453413A
- Authority
- CN
- China
- Prior art keywords
- selinux
- subsystem
- java
- policy
- system kernel
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 108
- 230000008569 process Effects 0.000 claims description 73
- 230000008676 import Effects 0.000 claims description 51
- 230000008859 change Effects 0.000 claims description 3
- 230000004048 modification Effects 0.000 description 12
- 238000012986 modification Methods 0.000 description 12
- 230000006854 communication Effects 0.000 description 9
- 238000004891 communication Methods 0.000 description 9
- 230000006870 function Effects 0.000 description 8
- 230000007246 mechanism Effects 0.000 description 6
- 238000004590 computer program Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 5
- 239000000203 mixture Substances 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 230000008878 coupling Effects 0.000 description 2
- 238000010168 coupling process Methods 0.000 description 2
- 238000005859 coupling reaction Methods 0.000 description 2
- 230000006872 improvement Effects 0.000 description 2
- 230000002452 interceptive effect Effects 0.000 description 2
- 238000003672 processing method Methods 0.000 description 2
- 230000008439 repair process Effects 0.000 description 2
- GOLXNESZZPUPJE-UHFFFAOYSA-N spiromesifen Chemical compound CC1=CC(C)=CC(C)=C1C(C(O1)=O)=C(OC(=O)CC(C)(C)C)C11CCCC1 GOLXNESZZPUPJE-UHFFFAOYSA-N 0.000 description 2
- 230000004913 activation Effects 0.000 description 1
- 230000007175 bidirectional communication Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 238000011217 control strategy Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/572—Secure firmware programming, e.g. of basic input output system [BIOS]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Bioethics (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Stored Programmes (AREA)
Abstract
Description
Claims (10)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611075613.7A CN106453413B (zh) | 2016-11-29 | 2016-11-29 | 在多系统中应用SELinux安全策略的方法及装置 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611075613.7A CN106453413B (zh) | 2016-11-29 | 2016-11-29 | 在多系统中应用SELinux安全策略的方法及装置 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106453413A true CN106453413A (zh) | 2017-02-22 |
CN106453413B CN106453413B (zh) | 2019-06-25 |
Family
ID=58222932
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611075613.7A Active CN106453413B (zh) | 2016-11-29 | 2016-11-29 | 在多系统中应用SELinux安全策略的方法及装置 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106453413B (zh) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106775903A (zh) * | 2017-02-24 | 2017-05-31 | 北京小米移动软件有限公司 | 安全策略文件更新方法及装置 |
CN109964227A (zh) * | 2017-10-30 | 2019-07-02 | 华为技术有限公司 | 更新SELinux安全策略的方法及终端 |
CN110673849A (zh) * | 2019-08-14 | 2020-01-10 | 惠州市德赛西威智能交通技术研究院有限公司 | 一种批量预设置文件安全上下文的方法及装置 |
CN112861118A (zh) * | 2021-04-26 | 2021-05-28 | 湖北亿咖通科技有限公司 | 双系统的容器间安全策略隔离方法、电子设备及存储介质 |
US11775643B2 (en) | 2020-10-16 | 2023-10-03 | Industrial Technology Research Institute | Method and system for labeling object and generating security policy of operating system |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102592092A (zh) * | 2012-01-09 | 2012-07-18 | 中标软件有限公司 | 一种基于SELinux安全子系统的策略适配系统及方法 |
CN105184153A (zh) * | 2015-08-26 | 2015-12-23 | 北京元心科技有限公司 | 智能终端及其基于多级容器的应用程序运行方法 |
CN105511879A (zh) * | 2015-12-11 | 2016-04-20 | 北京元心科技有限公司 | 基于定时器的多系统启动方法和智能终端 |
CN106096418A (zh) * | 2016-06-02 | 2016-11-09 | 北京元心科技有限公司 | 基于SELinux的开机安全等级选择方法、装置及终端设备 |
-
2016
- 2016-11-29 CN CN201611075613.7A patent/CN106453413B/zh active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102592092A (zh) * | 2012-01-09 | 2012-07-18 | 中标软件有限公司 | 一种基于SELinux安全子系统的策略适配系统及方法 |
CN105184153A (zh) * | 2015-08-26 | 2015-12-23 | 北京元心科技有限公司 | 智能终端及其基于多级容器的应用程序运行方法 |
CN105511879A (zh) * | 2015-12-11 | 2016-04-20 | 北京元心科技有限公司 | 基于定时器的多系统启动方法和智能终端 |
CN106096418A (zh) * | 2016-06-02 | 2016-11-09 | 北京元心科技有限公司 | 基于SELinux的开机安全等级选择方法、装置及终端设备 |
Non-Patent Citations (1)
Title |
---|
张涛 等: "基于SELinux强制访问控制的进程权限控制技术研究与实现", 《技术研究》 * |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106775903A (zh) * | 2017-02-24 | 2017-05-31 | 北京小米移动软件有限公司 | 安全策略文件更新方法及装置 |
CN109964227A (zh) * | 2017-10-30 | 2019-07-02 | 华为技术有限公司 | 更新SELinux安全策略的方法及终端 |
CN113791813A (zh) * | 2017-10-30 | 2021-12-14 | 华为技术有限公司 | 更新SELinux安全策略的方法及终端 |
US11222118B2 (en) | 2017-10-30 | 2022-01-11 | Huawei Technologies Co., Ltd. | Method for updating selinux security policy and terminal |
CN110673849A (zh) * | 2019-08-14 | 2020-01-10 | 惠州市德赛西威智能交通技术研究院有限公司 | 一种批量预设置文件安全上下文的方法及装置 |
US11775643B2 (en) | 2020-10-16 | 2023-10-03 | Industrial Technology Research Institute | Method and system for labeling object and generating security policy of operating system |
CN112861118A (zh) * | 2021-04-26 | 2021-05-28 | 湖北亿咖通科技有限公司 | 双系统的容器间安全策略隔离方法、电子设备及存储介质 |
Also Published As
Publication number | Publication date |
---|---|
CN106453413B (zh) | 2019-06-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106453413A (zh) | 在多系统中应用SELinux安全策略的方法及装置 | |
CN101755271B (zh) | 用于在连接受限设备配置和开放服务网关联盟环境中管理访问特权的方法和装置 | |
CN105630615A (zh) | 跨系统的应用控制方法和智能终端 | |
CN106778291B (zh) | 应用程序的隔离方法及隔离装置 | |
CN105046156B (zh) | 智能终端及其设备访问权限控制方法 | |
CN106878292A (zh) | 控制方法,控制装置、车载设备和交通运输工具 | |
CN101403973B (zh) | 提高嵌入式Linux内核安全性的应用程序启动方法和系统 | |
CN106534148A (zh) | 应用的访问管控方法及装置 | |
US20110247013A1 (en) | Method for Communicating Between Applications on an External Device and Vehicle Systems | |
EP1849066B1 (fr) | Chargement dynamique sécurisé | |
CN103067392B (zh) | 一种基于Android终端的安全访问控制方法 | |
CN106330984A (zh) | 访问控制策略的动态更新方法及装置 | |
US10075443B2 (en) | System, apparatus and method for stateful application of control data in a device | |
CN105184153B (zh) | 智能终端及其基于多级容器的应用程序运行方法 | |
CN102246144A (zh) | 用于在计算机平台上安装程序的方法和装置 | |
US20100306393A1 (en) | External access and partner delegation | |
CN103460186A (zh) | 用于更新数据载体的方法 | |
CN100375033C (zh) | 一种用于在操作系统分区环境中使用细粒度特权模型管理进程活动的方法和设备 | |
CN106055968B (zh) | 一种权限设置方法、装置及电子设备 | |
CN103092645B (zh) | 一种基于微内核技术的地理空间信息应用系统及其实现方法 | |
CN107871062A (zh) | 一种应用权限控制方法、装置及终端 | |
CN110209416A (zh) | 应用软件更新方法、装置、终端及存储介质 | |
CN102938043A (zh) | 授权应用对安全资源的访问 | |
CN106776013A (zh) | 多系统的资源调度方法及装置 | |
CN106487811A (zh) | 多容器间通信的方法及装置 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20210129 Address after: 101300 room 153, 1 / F, building 17, 16 Caixiang East Road, Nancai Town, Shunyi District, Beijing Patentee after: Yuanxin Information Technology Group Co.,Ltd. Address before: 100176 room 2222, building D, building 33, 99 Kechuang 14th Street, Beijing Economic and Technological Development Zone, Beijing Patentee before: BEIJING YUANXIN SCIENCE & TECHNOLOGY Co.,Ltd. |
|
TR01 | Transfer of patent right | ||
EE01 | Entry into force of recordation of patent licensing contract |
Application publication date: 20170222 Assignee: Beijing Yuanxin Junsheng Technology Co.,Ltd. Assignor: Yuanxin Information Technology Group Co.,Ltd. Contract record no.: X2021110000018 Denomination of invention: Method and device of applying SELinux security policy in multi system Granted publication date: 20190625 License type: Common License Record date: 20210531 |
|
EE01 | Entry into force of recordation of patent licensing contract |