Research Article
Research on the Application Security Isolation Model
@INPROCEEDINGS{10.1007/978-3-642-23602-0_29, author={Lei Gong and Yong Zhao and Jianhua Liao}, title={Research on the Application Security Isolation Model}, proceedings={2nd International ICST Workshop on e-Forensics Law and Judicial}, proceedings_a={E-FORENSICSLAW}, year={2012}, month={10}, keywords={Information security classified protection Application security Security model Application isolation}, doi={10.1007/978-3-642-23602-0_29} }
- Lei Gong
Yong Zhao
Jianhua Liao
Year: 2012
Research on the Application Security Isolation Model
E-FORENSICSLAW
Springer
DOI: 10.1007/978-3-642-23602-0_29
Abstract
With the rapid development of information technology, the secrutiy problems of information systems are being paid more and more attention, so the Chinese government is carrying out information security classified protection policy in the whole country. Considering computer application systems are the key componets for information system, this paper analyzes the typical security problems in computer application systems and points out that the cause for the problems is lack of safe and valid isolation protection mechanism. In order to resolve the issues, some widely used isolation models are studied in this paper, and a New Application Security Isolation model called NASI is proposed, which is based on trusted computing technology and the least privilege principle. After that, this paper introduces the design ideas of NASI, gives out formal description and safety analysis for the model, and finally describes the implementation of the prototype system based on NASI.