System characteristics
Optimized and hardened Linux 2.6 kernel technology;
Improved performance and scalability of memory, CPU (multi-core systems), input/output and networking (IPv4/IPv6) across the board.
Comprehensive audit capability:
It can record the activities of the whole system and the modifications made to it (for example, file system operations, process system calls, user password changes, account addition/deletion/modification, configuration changes, etc.).
Interoperability with Unix:
It supports the latest AutoFS and NFSv4, and can interoperate with UNIX systems such as Sun Solaris, HP-UX and IBM AIX.
Interoperability with Microsoft Windows:
Samba provides interoperability with the Microsoft Windows file and print (CIFS) system, with tighter integration and high compatibility, including better integration with Microsoft Active Directory.
Security technical characteristics
KACF mandatory access control framework:
Besides implementing the access control function itself, it also includes security labels, hook functions and a global access policy list. Unlike other mandatory access control frameworks, KACF adds the concept of a role to the kernel, and system users do not assign labels to roles directly.
Separation of administrative duties:
The root administrator function of traditional mainstream operating systems is split into multiple roles, namely system administrator, security administrator and security auditor. Based on the RBA mechanism, the system can flexibly define further specialised administrators, so this is called "super-three-power" separation.
Fine-grained discretionary access control:
The traditional UNIX file permission mode is a DAC mechanism with coarse control granularity. It divides users into the file owner, users in the same group and all other users, and specifies read, write and execute permissions for each class. The owner of a file cannot specify that the file may be accessed only by a particular user or a particular group of users. The Kirin secure operating system has designed and implemented a discretionary access control policy based on access control lists (ACLs) that conforms to international standards.
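The limitation described above can be shown in a few lines. The following is an added illustration, not code from the Kirin operating system: it models classic owner/group/other mode bits beside a POSIX.1e-style ACL evaluation (owner, named users, owning and named groups subject to a mask, other), using constructed user and file names, and shows that only the ACL form lets an owner grant read access to one specific user without opening the file to the whole group.

```python
# Added example (not Kirin/Kylin code): mode-bit DAC versus ACL-based DAC.
# Users, groups, file names and the policy layout are constructed for illustration.
from dataclasses import dataclass, field

R, W, X = 4, 2, 1  # permission bits, as in the UNIX mode word


@dataclass
class ModeBitsFile:
    owner: str
    group: str
    mode: tuple  # (owner_perms, group_perms, other_perms)


def mode_bits_check(f, user, user_groups, perm):
    """Classic UNIX check: the requester falls into exactly one of three classes."""
    if user == f.owner:
        return bool(f.mode[0] & perm)
    if f.group in user_groups:
        return bool(f.mode[1] & perm)
    return bool(f.mode[2] & perm)


@dataclass
class AclFile:
    owner: str
    group: str
    owner_perms: int
    group_perms: int
    other_perms: int
    named_users: dict = field(default_factory=dict)   # user -> perms
    named_groups: dict = field(default_factory=dict)  # group -> perms
    mask: int = R | W | X  # upper bound for named users, owning group, named groups


def acl_check(f, user, user_groups, perm):
    """POSIX.1e-style evaluation: owner, then named user, then any matching
    group entry (owning or named, after the mask), then other."""
    if user == f.owner:
        return bool(f.owner_perms & perm)
    if user in f.named_users:
        return bool(f.named_users[user] & f.mask & perm)
    matched_group = False
    for g in user_groups:
        if g == f.group:
            matched_group = True
            if f.group_perms & f.mask & perm:
                return True
        if g in f.named_groups:
            matched_group = True
            if f.named_groups[g] & f.mask & perm:
                return True
    if matched_group:
        # a group entry applied but did not grant the permission: deny
        return False
    return bool(f.other_perms & perm)


def demo():
    # Constructed scenario: alice owns the file and wants only bob to read it.
    # With mode bits her only choices are "nobody else" or "the whole group".
    classic = AclFile  # noqa: F841 (kept for symmetry with the ACL case below)
    classic = ModeBitsFile("alice", "staff", (R | W, 0, 0))
    # With an ACL, bob gets read via a named-user entry; carol (same group) is still denied.
    acl = AclFile("alice", "staff", R | W, 0, 0, named_users={"bob": R})
    return {
        "mode_bits_bob": mode_bits_check(classic, "bob", {"staff"}, R),
        "acl_bob": acl_check(acl, "bob", {"staff"}, R),
        "acl_carol": acl_check(acl, "carol", {"staff"}, R),
        "acl_bob_write": acl_check(acl, "bob", {"staff"}, W),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The mask entry is what makes the ACL safe to combine with programs that still manipulate mode bits: lowering the mask caps every named-user and group entry at once, so `chmod`-style tightening cannot be bypassed by an overlooked named entry.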
Process capability control:
A process can perform privileged operations on behalf of a user only when it holds the corresponding capability. As part of mandatory access control, the capability mechanism is attached to the role-based mandatory access control framework KACF. Using role capabilities, process capabilities and file capabilities, different users can have different permissions when executing the same file, and the same user can have different permissions when executing different files. In this way the permissions of each process can be defined so that it holds only the capabilities needed to perform its function, achieving least privilege.
Type enforcement mandatory access control:
To guarantee system security, an information system must be able to enforce information isolation that meets both confidentiality and integrity requirements. The Kirin secure operating system designs and implements a role-related type enforcement (TE) access control policy, built on the KACF mandatory access control framework. According to their application purpose, the subjects and objects of the system are divided into different type domains, and transition rules and access control rules between types are defined to guarantee the secure isolation of system data.
Object reuse:
Object reuse is implemented for memory and disk files. Memory object reuse prevents a new subject from obtaining information left in memory by a previous subject: it is applied when memory is allocated, and the leftover data is removed by overwriting the memory. Before a disk data block is released, its contents are first overwritten and only then released, ensuring that the contents of the previous file do not remain in the disk block.
Mandatory integrity control:
Protects the integrity of data in real time across the whole system. By enforcing the integrity control policy, the Kirin secure operating system ensures that high-integrity files and processes cannot be damaged by low-integrity processes. At run time, a high-integrity process is demoted after executing a low-integrity file, while a low-integrity process cannot raise its permissions by executing files.
Multi-level security:
The main purpose of multi-level security technology is to enforce confidentiality by prohibiting read-up and write-down, that is, to prevent high-classification information from flowing to lower classifications. To make this more practical, Kirin proposed separating the process security level from the user security level and introduced the concept of classified applications. Within the overall security framework, BLP rules are easier to implement than in other products.
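The integrity rule (high-integrity subjects are demoted after executing low-integrity files, and low-integrity subjects never gain integrity by executing files) and the BLP confidentiality rule (no read-up, no write-down) combine naturally in a single reference monitor. The block below is an added example written for this page, not Kirin's kernel code: a toy monitor with constructed confidentiality and integrity levels, constructed subjects and objects, and an audit trail of every decision, so the two label lattices and the exec-time demotion can be exercised side by side.

```python
# Added example (not Kirin/Kylin code): a toy reference monitor combining
# Bell-LaPadula confidentiality (no read-up, no write-down) with mandatory
# integrity control (no read-down, no write-up) and subject demotion on
# execute.  Level names, labels and sample subjects/objects are constructed.
from dataclasses import dataclass

CONF = {"public": 0, "internal": 1, "secret": 2}   # confidentiality lattice
INTEG = {"low": 0, "medium": 1, "high": 2}          # integrity lattice


@dataclass
class Label:
    conf: int
    integ: int


@dataclass
class Subject:
    name: str
    label: Label


@dataclass
class Obj:
    name: str
    label: Label


class ReferenceMonitor:
    def __init__(self):
        # (subject, op, object, allowed, reason): what a security auditor reviews
        self.audit = []

    def _log(self, s, op, o, allowed, reason):
        self.audit.append((s.name, op, o.name, allowed, reason))
        return allowed

    def read(self, s, o):
        if o.label.conf > s.label.conf:
            return self._log(s, "read", o, False, "BLP: no read-up")
        if o.label.integ < s.label.integ:
            return self._log(s, "read", o, False, "MIC: no read-down")
        return self._log(s, "read", o, True, "ok")

    def write(self, s, o):
        if o.label.conf < s.label.conf:
            return self._log(s, "write", o, False, "BLP: no write-down")
        if o.label.integ > s.label.integ:
            return self._log(s, "write", o, False, "MIC: no write-up")
        return self._log(s, "write", o, True, "ok")

    def execute(self, s, o):
        """Confidentiality treats exec like read.  Integrity is handled by
        demotion rather than denial: the subject drops to min(subject, file),
        so executing a file can lower but never raise its integrity."""
        if o.label.conf > s.label.conf:
            return self._log(s, "exec", o, False, "BLP: no read-up")
        new_integ = min(s.label.integ, o.label.integ)
        reason = "ok" if new_integ == s.label.integ else "MIC: subject demoted"
        s.label = Label(s.label.conf, new_integ)
        return self._log(s, "exec", o, True, reason)


def demo():
    rm = ReferenceMonitor()
    daemon = Subject("daemon", Label(CONF["secret"], INTEG["high"]))
    secret_doc = Obj("secret.doc", Label(CONF["secret"], INTEG["high"]))
    public_note = Obj("notes.txt", Label(CONF["public"], INTEG["medium"]))
    untrusted_bin = Obj("downloaded.bin", Label(CONF["public"], INTEG["low"]))
    results = {
        "read_secret": rm.read(daemon, secret_doc),           # allowed
        "write_public": rm.write(daemon, public_note),        # denied: write-down
        "exec_untrusted": rm.execute(daemon, untrusted_bin),  # allowed, but demoted
        "write_secret_after": rm.write(daemon, secret_doc),   # denied: now low integrity
        "integ_after": daemon.label.integ,                    # 0
    }
    return results, rm.audit


if __name__ == "__main__":
    res, audit = demo()
    print(res)
    for entry in audit:
        print(entry)
```

The order of the two checks in `read` and `write` is deliberate: a confidentiality violation is reported before an integrity one, so the audit reason names the first rule that failed, and the audit list is append-only from the monitor's point of view, matching the requirement that access records be kept out of reach of the subjects they describe.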
Security audit:
The security audit mechanism creates and maintains access records for protected objects and prevents unauthorized users from accessing or destroying these records. The audit administrator can decide which events need to be audited according to the running state and current situation of the system, and use analysis software to process the log files.