|
|||||
|
|
| 基于信息流的SELinux策略分析模型 | |
| 引用本文: | 王燕,李佳,何建波.基于信息流的SELinux策略分析模型[J].计算机应用与软件,2011,28(4). |
| 作者姓名: | 王燕 李佳 何建波 |
| 作者单位: | 1. 天津科技大学计算机学院,天津,300222 2. 北京信息资源管理中心,北京,100101 3. 北京信息技术研究所,北京,100093 |
| 摘 要: | 针对SELinux安全策略分析和管理上的困难,提出了一种SELinux信息流分析模型SELIF。首先构造有效安全上下文集合和安全上下文的授权关系,然后根据许可权的信息流语义,用标记转换系统表示的安全上下文关系来刻画信息流。SELIF信息流模型可以直观地表达SELinux策略所描述的安全上下文之间的信息流路径,实现对复杂策略的直观分析和管理。 |
| 关 键 词: | SELinux 信息流 安全上下文 授权关系 安全策略 |
A SELINUX STRATEGY ANALYSIS MODEL BASED ON INFORMATION FLOW |
|
| Wang Yan,Li Jia,He Jianbo.A SELINUX STRATEGY ANALYSIS MODEL BASED ON INFORMATION FLOW[J].Computer Applications and Software,2011,28(4). | |
| Authors: | Wang Yan Li Jia He Jianbo |
| Affiliation: | Wang Yan1 Li Jia2 He Jianbo3 1(College of Computer,Tianjin University of Science and Technology,Tianjin 300222,China) 2(Beijing Information Resource Administrative Center,Beijing 100101,China) 3(Beijing Information Technology Institute,Beijing 100093,China) |
| Abstract: | Motivated by difficulty in SELinux security strategy analysis and management,a SELinux information flow analysis model,SELIF,is proposed.Firstly an effective security context group and authorization relation is set up;then in accordance with permission information flow syntax,outline the information flow by the security context relation whch is represented by a labeled transition system.SELIF model is able to can be used to analyze and manage the complex security policies. |
| Keywords: | SELinux Information flow Security context Authorization relation Security policy |
| 本文献已被 CNKI 万方数据 等数据库收录! | |