Project/Area Number | 24300009 |
Research Category | Grant-in-Aid for Scientific Research (B) |
Allocation Type | Partial Multi-year Fund |
Section | General |
Research Field | Software |
Research Institution | Institute of Information Security |
Principal Investigator | TANAKA Hidehiko, Institute of Information Security, Other Graduate School, Professor (60011102) |
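Co-Investigator (Kenkyū-buntansha) |
TSUJI Hidenori, Institute of Information Security, Graduate School of Information Security, Visiting Professor (90398975)
HASHIMOTO Masaki, Institute of Information Security, Graduate School of Information Security, Associate Professor (10582158)
|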
Co-Investigator (Renkei-kenkyūsha) | TOSHIHARU Harada, NTT DATA Corporation, Technology Development Headquarters |
Project Period (FY) | 2012-04-01 – 2015-03-31 |
Project Status | Completed (Fiscal Year 2014) |
Budget Amount |
¥15,470,000 (Direct Cost: ¥11,900,000, Indirect Cost: ¥3,570,000)
Fiscal Year 2014: ¥6,500,000 (Direct Cost: ¥5,000,000, Indirect Cost: ¥1,500,000)
Fiscal Year 2013: ¥4,810,000 (Direct Cost: ¥3,700,000, Indirect Cost: ¥1,110,000)
Fiscal Year 2012: ¥4,160,000 (Direct Cost: ¥3,200,000, Indirect Cost: ¥960,000)
|
Keywords | Information Security / Access Control / Operating System / OS / Security / Distributed System |
Outline of Final Research Achievements |
In this research, we proposed a new operating system technology for implementing a defense-in-depth strategy in information systems, based on a strict and secure access control mechanism achieved through cooperation between applications and their infrastructure. Specifically, the main achievements of this research are as follows: i) a proposal of a mechanism that dynamically grants the minimum access rights in consideration of the execution status of applications, ii) its robust implementation, and iii) a proposal of a simple and clear policy description language and its management system to make the implementation fit for practical use. The key feature of the research is that it solves the problem of general operating systems, whose coarse-grained access control leaves their compartment function insufficient, while at the same time solving the problem of MAC operating systems, whose fine-grained access control makes them impractical.
|