|
|||||
|
|
| 多级安全DBMS的通用审计策略模型 | |
| 引用本文: | 何永忠,李斓,冯登国.多级安全DBMS的通用审计策略模型[J].软件学报,2005,16(10):1774-1783. |
| 作者姓名: | 何永忠 李斓 冯登国 |
| 作者单位: | 1. 信息安全国家重点实验室(中国科学院,软件研究所),北京,100080;中国科学院,研究生院,北京,100049 2. 上海交通大学,信息安全工程学院,上海,200030 3. 信息安全国家重点实验室(中国科学院,软件研究所),北京,100080 |
| 基金项目: | Supported by the National Natural Science Foundation og China under Grant Nos.60025205,60373048,90304007(国家自然科学基金);the National High-Tech Research and Development Plan of China under Grant No.2004AA147070(国家高技术研究发展计划(863)) |
| 摘 要: | 提出了一种基于多级安全数据库管理系统的通用审计策略模型.该模型具有丰富的表达能力,既可以表达基于时间的审计策略,也可以实现基于规则的审计策略推衍.通过引入对象的属性谓词,还可以表达细粒度的审计策略.证明了该模型的可判定性,并给出了判定任意一个事件是否需要审计的算法. |
| 关 键 词: | 审计 策略模型 多级安全数据库 |
| 收稿时间: | 07 27 2004 12:00AM |
| 修稿时间: | 10 10 2004 12:00AM |
A Generic Audit Policy Model on Multilevel Secure DBMS |
|
| HE Yong-Zhong,LI Lan and FENG Deng-Guo.A Generic Audit Policy Model on Multilevel Secure DBMS[J].Journal of Software,2005,16(10):1774-1783. | |
| Authors: | HE Yong-Zhong LI Lan and FENG Deng-Guo |
| Abstract: | This paper proposes a generic audit policy model on multilevel secure DBMS. The model is powerful expressively which not only expresses audit policy based on periodical time constraints, but also implements audit policy deduction based on rules. Furthermore, fine-grained audit policies are possible in this model with the introduction of object attribute predicate. The decidability of the model is proven and a decidability algorithm is presented. |
| Keywords: | audit policy model multilevel secure DBMS |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! | |
| 点击此处可从《软件学报》浏览原始摘要信息 | |
| 点击此处可从《软件学报》下载全文 | |