摘要:As th e growth o f inform atio n techno logy , the us er sp ace has been comp ort, but the secu rity has b eenm ore impo rtant. The security of op eratin g system is very important in the inform atio n s ystem. Theo perating sy stem uses vario us security p olicies depend ing on system ad ministrato rs and task environ ments.SELin ux has stro ng secu rity mo dule in Linu x, and it is estimated th at it im pro ved the security lev el in thes ystem. However, wh en an adminis trator tries to set a new rule, it is too fine-g rained an d co mplicate. Thisp ap er presents and exp lain s SEEN m odel. When new sub jects or objects are created , th eir policies can beassim ilated with the existin g policies o nline. By u sing SEEN m odel, we s how that SEEN model canp resent v ariou s secu rity policies and th e policies can be tran sfo rm ed SEEN policy. Lastly , we comp areSEEN po licy with TE po licy of SELin ux and tes t the performance of im plemented sy stem . We get tok now th at SEEN policy is easy to use and the d ecline of the perfo rmance is very small
关键词:Access cont rol mod el; SELinu x; XACML; SEEN model; DTE; Po licy Transformation
