参考文献
[1]吴振豪, 高健博, 李青山, 等. 数据安全治理中的安全技术研究[J]. 信息安全研究, 2021, 7(10): 907914[2]US Department of Defense. Department of Defense Trusted Computer System Evaluation Criteria[EBOL]. 1986 [20211115]. https:doi.org10.10079781349120208[3]Clark D D. Computers at Risk: Safe Computing in the Information Age[M]. Washington: National Academy Press, 1991: 1819[4]Bishop M. Computer security: Art and science[J]. Leonardo, 2015, 17(2): 8186[5]郭玮. 基于Linux安全增强操作系统的访问控制机制的研究[D]. 南京: 南京大学, 2004[6]McLean J. A comment on the ‘basic security theorem’of Bell and LaPadula[J]. Information Processing Letters, 1985, 20(2): 6770[7]Nelson L, Bornholt J, Krishnamurthy A, et al. Noninterference specifications for secure systems[J].ACM SIGOPS Operating Systems Review, 2020, 54(1): 3139[8]Flink C W, Weiss J D. System VMLS labeling and mandatory policy alternatives[J]. AT and T Technical Journal, 1988, 67(3): 5364[9]Goguen J A, Meseguer J. Security policies and security models[C] Proc of 1982 IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 1982: 1111[10]Biba K J. Integrity considerations for secure computer systems[R]. Bedford, Mass: USAF Electronic Systems Division, 1977[11]Clark D D, Wilson D R. A comparison of commercial and military computer security policies[C] Proc of 1987 IEEE Symp on Security and Privacy. Los Alamitos, CA: IEEE Computer Society, 1987: 184184[12]Brewer D F C, Nash M J. The chinese wall security policy[C] Proc of IEEE Symp on Security and Privacy. Piscataway, NJ: IEEE, 1989: 206214[13]Sandhu R S, Coyne E J, Feinstein H L, et al. Rolebased access control models[J]. Computer, 1996, 29(2): 3847[14]Badger L, Sterne D E, Sherman D L, et al. A domain and type enforcement Unix prototype[J]. Computing Systems, 1996, 9(1): 4783[15]Yuan E, Tong J. Attributed based access control (ABAC) for Web services[C] Proc of IEEE Int Conf on Web Services (ICWS’05). Piscataway, NJ: IEEE, 2005: 561569[16]Riley S. Mandatory integrity control in Windows Vista[EBOL]. [20211125]. http:blogs.technet.combsterileyarchive2006 0721442870.aspx[17]Ray E, Schultz E E. An early look at Windows Vista security[J]. Computer Fraud & Security, 2007, 2007(1): 47[18]Microsoft. Understanding enhanced protected mode[EBOL]. [20211123]. https:docs.microsoft.comenusarchiveblogsieinternalsunderstandingenhancedprotectedmode[19]卿斯汉, 程伟, 杜超. Windows操作系统的安全风险可控性分析[J]. 信息网络安全, 2015 (4): 512[20]Wright C, Cowan C, Morris J, et al. Linux security module framework[C] Proc of Ottawa Linux Symp. 2002: 604617[21]Wright C, Cowan C, Smalley S, et al. Linux security modules: General security support for the Linux kernel[C] Proc of the 11th USENIX Security Symp. San Francisco, California, USA: USENIX Association, 2002[22]Loscocco P, Smalley S. Integrating flexible support for security policies into the Linux operating system[C] Proc of the FREENIX Track: 2001 USENIX Annual Technical Conf. Boston, Massachusetts, USA, 2001[23]Schaufler C. The simplified mandatory access control kernel[J]. White Paper, 2008: 111[24]Harada T, Handa T. TOMOYO Linux: A lightweight and manageable security system for PC and embedded Linux[C] Proc of Ottawa Linux Symp. 2007: 2730[25]Bauer M. Paranoid penguin: An introduction to Novell AppArmor[J]. Linux Journal, 2006, 2006(148): 1313[26]Ecarot T, Dussault S, Souid A, et al. AppArmor for health data access control: Assessing risks and benefits[C] Proc of the 7th Int Conf on Internet of Things: Systems, Management and Security (IOTSMS). Piscataway, NJ: IEEE, 2020: 17[27]Yama[ROL]. [20211224]. https:www.kernel.orgdocDocumentationsecurity Yama.txt, 2017[28]Spengler B. The case for grsecurity[ROL]. [20211224]. https:grsecurity.netpapers[29]卿斯汉. Android安全的研究现状与展望[J]. 电信科学, 2016, 32(10): 26, 1214[30]许艳萍, 马兆丰, 王中华, 等. Android智能终端安全综述[J]. 通信学报, 2016,37(6): 169184[31]张玉清, 王凯, 杨欢, 等. Android安全综述[J]. 计算机研究与发展, 2014, 51(7): 13851396[32]Android. Permissions on Android[EBOL]. [20211221]. https:developer.android.google.cnguidetopicspermissions overview[33]李大明. 一种操作系统增强访问控制实现技术研究[D]. 北京: 中国舰船研究院, 2012[34]卿斯汉. Android安全研究进展[J]. 软件学报, 2016, 27(1): 4571[35]Android. Application sandbox[EBOL]. [20211210].https:source.android.google.cnsecurityappsandbox[36]Smalley S, Craig R. Security enhanced (SE) Android: Bringing flexible MAC to Android[C] Proc of the 20th Annual Network and Distributed System Security Symp. 2013[37]Android. SecurityEnhanced Linux in Android[EBOL]. [20211210]. https:source.android.google.cnsecurityselinux[38]SELinux Project Wiki. Security enhancements (SE) for Android[EBOL]. [20211212]. http:selinuxproject.orgpageSEAndroid[39]Nauman M, Khan S, Zhang X. Apex: Extending Android permission model and enforcement with userdefined runtime constraints[C] Proc of the 5th ACM Symp on Information, Computer and Communications Security. New York: ACM, 2010: 328332[40]Ongtang M, McLaughlin S, Enck W, et al. Semantically rich applicationcentric security in Android[J].Security and Communication Networks, 2012, 5(6): 658673[41]Bugiel S, Davi L, Dmitrienko A, et al. XManDroid: A new Android evolution to mitigate privilege escalation attacks, TR201104[R]. Darmstadt: Technische Universitt Darmstadt, 2011[42]Bugiel S, Davi L, Dmitrienko A, et al. Practical and lightweight domain isolation on Android[C] Proc of the 1st ACM Workshop on Security and Privacy in Smartphones and Mobile Devices. New York: ACM, 2011: 5162[43]Qiu Jun, Yang Xuewu, Wu Huamao, et al. LibCapsule: Complete confinement of thirdparty libraries in Android applications[JOL]. [20211120]. https:ieeexplore.ieee.orgdocument9416775[44]Han Weili, Cao Chang, Zhou Zhe, et al. A smart framework for finegrained microphone acoustic permission management[J]. IEEE Trans on Dependable and Secure Computing, 2021, 18(6): 27052718[45]Qi Wen, Ding Wanfu, Wang Xinyu, et al. Construction and mitigation of userbehaviorbased covert channels on smartphones[J]. IEEE Trans on Mobile Computing, 2018, 17(1): 4457[46]Frank M, Dong B, Felt A P, et al. Mining Permission request patterns from Android and facebook applications (extended author version)[C] Proc of the 12th IEEE Int Conf on Data Mining. Piscataway, NJ: IEEE, 2020: 870875[47]Bugiel S, Heuser S, Sadeghi A R. Flexible and finegrained mandatory access control on Android for diverse security and privacy policies[C] Proc of the 22nd Usenix Security Symp. Berkeley, CA: USENIX Association, 2013: 131146[48]Na J S, Kim Y, Choi Y J, et al. Mandatory access control for Android application[C] Proc of the 2014 Int Conf on Information and Communication Technology Convergence (ICTC). Piscataway, NJ: IEEE, 2014: 299300[49]Enck W, Gilbert P, Han S, et al. TaintDroid: An informationflow tracking system for realtime privacy monitoring on smartphones(Article)[J].ACM Trans on Computer Systems, 2014, 32(2): 5(129)[50]Crispo B, Nguyen V, Conti M. CRePE: Contextrelated policy enforcement for Android[J]. Lecture Notes in Computer Science, 2010, 6531: 331345[51]Harmony O S. Harmony OS系统概述[EBOL]. [20211221]. https:device.harmonyos.comcndocsdocumentationguide[52]王斯梁, 冯暄, 蔡友保, 等. 零信任安全模型解析及应用研究[J].信息安全研究, 2020, 6(11): 966971[53]涂增英. 零信任架构中的统一权限管理方案[J]. 信息安全研究, 2021, 7(11): 10471051[54]申永波. 安全操作系统安全策略与可信应用环境构建研究[D]. 北京: 北京工业大学, 2010
|