| 系统安全管理评估的一种改进模型 |
| |
| 引用本文: | 李伟.系统安全管理评估的一种改进模型[J].计算机工程与应用,2003,39(5):175-177. |
| |
| 作者姓名: | 李伟 |
| |
| 作者单位: | 中科院软件所信息安全中心,北京,100080 |
| |
| 摘 要: | 系统安全一直以来是多用户系统设计和管理的重点。常用的模型多以用户为研究单位,采用认证和权限矩阵关联的方法达到限制用户对资源的获取控制。这种方法存在颗粒度较粗等弊病,常常为恶意用户所利用。该文提出一种以进程—资源关系作为研究对象的模型,尝试精确地量化用户行为,并能动态检测用户进程和资源状况。文章第三,四节是模型的详细说明,第五节提出了模型在系统中的应用。
|
| 关 键 词: | 系统安全 资源 权限矩阵 进程对象 |
| 文章编号: | 1002-8331-(2003)05-0175-03 |
| 修稿时间: | 2002年1月1日 |
A new Model for System Security Management and Evaluation |
| |
| Li,Wei.A new Model for System Security Management and Evaluation[J].Computer Engineering and Applications,2003,39(5):175-177. |
| |
| Authors: | Li Wei |
| |
| Abstract: | Multi-user system's security is always an emphasis for system designing and managing.Usually applied method is based on user objects.It uses authentication and privilege matrix to control access to certain resources.However this kind of methods suffer from coarse granularity and something alike.So They are often took advantage of by malicious users.In this article we put forward another method based on process-resource relationship.We try to indicate the users' behavior with more accurate measurement and dynamically examine processes and resources.In the third and fourth part of this article is the detailed explain about this model.And In the5th section we provide a way to use it in a real system. |
| |
| Keywords: | System security resources privilege matrix process object |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
