基于强制访问控制的主机监控子系统研究 |
| |
作者单位: | 桂林工学院电子与计算机系 广西桂林541004 |
| |
摘 要: | 本文在研究Bell-Lapadula模型和Biba模型的基础上,结合二者的优点,提出了既满足信息保密性和又满足信息完整性的强制访问控制模型。编写了Windows过滤驱动程序,可主动拦截用户进程对文件的操作。加载自主设计的强制访问控制模块,实现了对Windows系统下文件资源的强制访问控制,并可通过入侵检测机制发现非法入侵者的来源。实验结果表明,原型系统可有效地对Windows文件系统实施强制访问控制保护,能够主动阻断入侵者的非法操作。
|
关 键 词: | 访问控制 新强制访问控制模型 安全标签 文件过滤驱动程序 |
Information Protecting System Research Based on Access Control Model |
| |
Authors: | WANG Lin TANG Bo YANG Liu |
| |
Abstract: | This paper firstly discusses about a new access control model which takes advantage of both Bell-Lapadula model and Biba model,protects the information confidentiality and the integrity of system resources. MACMS uses Windows file filter driver program to intercept I/O request actively,and uses self-design model to set the accessory or authority of particular processes,implements mandatory access control. Further more,it uses the IDS which to detect illegal users or processes. |
| |
Keywords: | Access Control NMACM security label file system filter driver |
本文献已被 CNKI 等数据库收录! |
|