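Research and Implementation of a One-Way Security Isolation and Information Exchange Mechanism
Published: 2018-01-19 11:37
Keywords: one-way isolation; BLP model; non-interference; covert channel control. Source: Beijing Jiaotong University, 2015 master's thesis. Document type: degree thesis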
[Abstract]: As demand for rail transport keeps growing, today's railway systems face major challenges. The railway informatization development strategy has made the intelligent railway its future direction. For the railway system to operate more intelligently and efficiently, its business systems must interconnect, share information and work together. Connecting business systems of different security levels, however, brings a series of serious network security threats, such as sensitive information leakage and network attacks and intrusions. Traditional network security protection technologies ensure a certain level of network security, but they cannot achieve complete security isolation, and they are powerless against sensitive information leakage with internal causes. With new network attacks continually emerging and railway information systems having special security requirements, how to fundamentally guarantee boundary security between networks of different security levels, and thereby achieve security isolation and reliable information exchange between different security domains of railway information systems, has become one of the problems that intelligent railway construction urgently needs to solve, and is the subject of this thesis.

This thesis first analyzes existing security isolation and information exchange technologies and their principles, and summarizes their respective strengths and weaknesses. On the theoretical side, it studies the classic BLP (Bell-LaPadula Model) security model and analyzes the conflict between security and usability in one-way communication based on that model. To resolve this conflict, the thesis introduces the idea of the information-flow non-interference model: through a downgrading domain, information flows in the reverse direction in downgraded form, which makes up for the usability shortcomings of one-way communication that follows the BLP model. On the security side, virtualization isolation is used to separate the execution environments of the communication processes and to apply security controls to potential covert channels in the downgrading domain. Based on this research, the thesis proposes a one-way security isolation and information exchange mechanism, which achieves dual security isolation (physical one-way isolation plus virtualization isolation) between networks of different security levels while also ensuring reliable information exchange. Finally, based on this mechanism, the thesis designs and implements a prototype one-way security gateway, and demonstrates the feasibility of the mechanism by testing and analyzing the prototype. In practical application, the prototype one-way security gateway is used to implement one-way file "ferrying", one-way database synchronization and one-way mail forwarding between networks of different security levels, and it has been applied in the demonstration system for key technologies of railway information security classified protection.

The results take into account the characteristics of multiple security isolation technologies. Building on the BLP security model and combining it with the idea of the information-flow non-interference model, they reconcile the conflict between security and usability. While meeting the need for information exchange between networks of different security levels, they effectively address various network intrusion attacks and sensitive information leakage, and provide a technical and theoretical reference for security isolation and information exchange between different security domains of railway information systems.
[Degree-granting institution]: Beijing Jiaotong University
[Degree level]: Master's
[Year degree granted]: 2015
[Classification number]: TP393.08
Article ID: 1444026
Article link: https://www.wllwen.com/guanlilunwen/ydhl/1444026.html