| 摘要 |
The invention relates to a distributed system comprised of a multitude of computer units, so-called nodes, which are connected to one another over a network and inside of which a local monitoring unit is provided for applying at least one security policy incumbent upon the respective nodes. Said monitoring unit is connected to at least one external monitoring unit, which is located within the network and inside of which systems of rules concerning the security policies of all nodes or of at least one group of nodes can be stored. The invention also relates to a method for operating a distributed system of the aforementioned type. The invention is characterized in that the local monitoring unit is a reference monitor (ECRM=Externally Controlled Reference Monitor) that, at the operation system level of the respective node, controls all operations with objects and interactions between subjects and objects within the nodes based on the system of rules that is at least temporarily implemented in the reference monitor (ECRM) of the respective node.
|
