Please don't let behavior control confuse the network security industry

Time:11-03

This paper discusses the difficulties of applying behavior control and gives a specific solution.

1 My behavior control has finally caught fire
I don't know since when, but behavior control has caught fire in network security. I vaguely remember that around 2005, when I put the concept of behavior control to my boss (my teacher), the boss said it was a good idea but that it seemed too abstract. Until today, access control has always been the core of system security, so against that background in '05, behavior control was, in my opinion, a big breakthrough. I took the boss's remark to heart: it really was too abstract and had not come down to earth, but I had no way to solve that. Now that I see behavior control catching fire, I feel something like Bian He finally meeting King Wen of Chu: moved almost to tears.
2 Behavior control is an unbearably difficult problem
But amid the excitement, I was curious: how is the currently popular behavior control actually done? Has the problem of the abstractness of behavior control now been solved, at home or abroad? As is well known, in a computing system anything can be computed, but the first thing to solve is the problem of description, that is, to give a formal description. The same obviously holds for behavior control: first the behavior must be described. But network behavior is very abstract and involves behaviors at different levels and different granularities, such as the user layer, the application layer, logic-layer functions, the underlying code, and so on. Which behaviors do we want to focus on, and how do we describe them? In addition, the other key problem for behavior control is control itself: even if we can describe the behavior well, how to control it effectively is also a difficult problem. Neither problem seems to have a good solution at home or abroad. Without solving these problems, talk of behavior control is only high-sounding talk, much like the in-depth protection and 3D (multidimensional) three-dimensional protection concepts that a leader put forward many years ago: the idea was very good, but without a specific implementation plan, it eventually passed.
3 How to bring behavior control technology down to earth
If I stopped writing here, I would count only as a mudslinger or, to put it mildly, a technology commentator, but definitely not a technician. So here I want to go further and discuss how behavior control can land.
It all started in 2005. Before I put forward behavior control (BC), I had been devoting myself to the study of access control (AC). AC focuses on access sessions such as add, delete and modify, as in the typical RBAC model applied in enterprise security. But the biggest limitation of AC models is that subject and object require a clear interface, and session behavior stays at the user application logic layer. At the bottom layers and in higher-level applications, AC-related models such as RBAC, DAC, MAC and BLP are not applicable, because the subject is not clear and in many cases the behavior is not well defined. So I considered extending access-session behavior to more general behavior, and thus arrived at BC. I was very proud of having proposed BC, even a little complacent; although the boss pointed out my problem, I just took it as a critical opinion (being able to come up with a good idea is already good). Later, while researching the BLP model, I gained a profound understanding of the behavior (B) and state (S) of a system (SYS). Spurred by the success of BC, I more boldly put forward state control (SC) (I wonder whether SC will also catch fire domestically in a few years!). But BC and SC both faced the problem of how to land. Although I later proposed some basic BC and SC models and presented them at some low-level international conferences at home and abroad, I did not really know how to make them land; they were just concepts, and how could such things be brought down to earth?
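By 2009, having some free time, I resolved to settle what had been gnawing at me: I wanted to find concrete, effective methods for describing and controlling SC and BC, find concrete application scenarios, and implement BC+SC. I wanted to prove it to my boss and to my classmates. So I began to consider choosing a system as the target environment for describing and applying B and S. Given how typical the operating system (OS) is, I naturally chose to analyze the B and S of the OS. During this period I listed many of the OS's B and S (some time ago I heard that the Institute of Information Engineering of the Chinese Academy of Sciences had also listed some tens of thousands of behaviors in its security control work for mobile application security and operating systems). But to study the OS's internal behavior in depth, I got hold of the Linux kernel source code and tried to understand how the OS boots and runs, digging out its internal behaviors. To that end I read a great deal of Linux kernel code and tried, along the way, to write an OS kernel. In 2011, because of work, I broke off my research on the OS's B and S, but this stage of research influenced me greatly: I had discovered a large number of OS behaviors at the code layer. Then in 2012, because of a work project, I began studying the B and S of the web browser, analyzing some of the behavior and state characteristics of how web pages run internally and trying to find some vulnerabilities. When the whole project ended, I used the free time to return to B and S, this time at the code level. My thinking was: the B and S of high-level applications in the OS are very abstract, but at the code layer they really exist; all of their B and S can be seen and touched, so implementing BC and SC at the code layer is entirely possible. That way, at least I could apply my BC and SC at the code layer. Analyzing B and S at the code layer first requires extracting the features of the code, and the most mature technology for code feature extraction is the compiler. So I embarked on research into compiler-based code feature analysis and extraction, or more precisely, research into compilers (some unexpected gains from this I will write up and discuss later). After two years, I had basically completed the extraction and analysis of B and S at the code layer and built corresponding models for BC and SC control.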
But the problem arose again: I could apply BC and SC to the underlying code, but what about high-level applications? How can BC description and control be implemented in network applications? After much agonizing, I had to fall back on my victory at the code layer: map the B and S of the application layer and the user layer onto the code, and indirectly control the upper-layer B and S through the code layer. But how can the completeness and effectiveness of the mapping be ensured? Over this I almost ended my study. Then, thanks to a hierarchical system logic model I had studied in 2006, I was basically able to give complete reasoning for the problem of mapping B and S from the upper layers to the lower layers in applications. At this point, I would say I have basically worked out the landing problem of BC (control).
As for the story of SC (state control), we can talk about it another time; please stay tuned.
These are just personal ideas. Criticism is welcome, I sincerely invite your opinions, and you are free to BS me as hard as you like.

Lin Mengni
January 2016, Beijing

From my sina blog: http://blog.sina.com.cn/s/blog_14ecb0c6c0102w4er.html