Author(s): |
Yi Li, The Academy of Equipment Command & Technology (AECT), Beijing, PR of China Xinming Li, The Academy of Equipment Command & Technology (AECT), Beijing, PR of China/College of Computer Science and Technology, Nanjing U Gongxuan Zhang, College of Computer Science and Technology, Nanjing University of Science & Technology, Nanjing, PR of China Xingye Han, The Academy of Equipment Command & Technology (AECT), Beijing, PR of China |
Abstract: |
Architecture for secure Windows terminal based on the prime and assistant heterogeneous dual-system is proposed, to resolve the security problem of Windows terminal. The assistant system, which locates between the prime system and the network outside, is appended on the basis of remaining architecture of prime Windows the same, and actively intercepts all network data in and out the Windows. The hardware and software architecture of the secure Windows terminal based on heterogeneous dual-system is described and the security processing mechanism in the dual-system framework is analyzed in detail. Last but not least, the security processing technology in dual-system architecture is discussed in terms of active interruption for network data, isolation for network and system management data, and security-level-based user identity management.
|