| 基于强制访问控制的文件安全监控系统的设计与实现 |
| |
| 引用本文: | 王雷,庄毅,潘龙平.基于强制访问控制的文件安全监控系统的设计与实现[J].计算机应用,2006,26(12):2941-2944. |
| |
| 作者姓名: | 王雷 庄毅 潘龙平 |
| |
| 作者单位: | 南京航空航天大学,信息科学与技术学院,江苏,南京,210016 |
| |
| 基金项目: | 航空基础科学基金;国防工业基础基金 |
| |
| 摘 要: | 重点分析了基于信息保密的BLP(Bell-LaPadula)模型和基于信息完整性的Biba模型,基于这两个模型设计了兼顾系统保密性和完整性需求的强制访问控制模型,并结合Windows文件过滤驱动程序开发了一个基于该强制访问控制模型的文件安全监控系统,对其主要模块和关键技术进行了详细介绍。该文件安全监控系统可有效地维护文件系统的保密性和完整性,检测并阻断本地与网络的入侵。
|
| 关 键 词: | 强制访问控制 模型 文件过滤驱动 文件监控系统 |
| 文章编号: | 1001-9081(2006)12-2941-04 |
| 收稿时间: | 2006-06-08 |
| 修稿时间: | 2006-06-082006-09-04 |
Design and implementation of file watching system based on mandatory access control |
| |
| WANG Lei,ZHUANG Yi,PAN Long-ping.Design and implementation of file watching system based on mandatory access control[J].journal of Computer Applications,2006,26(12):2941-2944. |
| |
| Authors: | WANG Lei ZHUANG Yi PAN Long-ping |
| |
| Affiliation: | College of Information Science and Technology, Nanfing University of Aerortautics and Astronautics, Nanfing Jiangsu 210016, China |
| |
| Abstract: | Bell-Lapadula model based on information confidentiality and Biba model based on information integrity were introduced. Then a new Mandatory Access Control (MAC) model based on the two modules above was designed. By using Windows NT file filter driver, a file watching system which adopted this new MAC model was developed, and the components and key technologies of it were given in detail. This file watching system has the advantages of protecting information confidentiality and integrity, and resisting the attacks from both local and remote users. |
| |
| Keywords: | Mandatory Access Control (MAC) model NT file filter driver file watching system |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用》浏览原始摘要信息 |
|
点击此处可从《计算机应用》下载全文 |
