| 强制访问控制MAC的设计及实现 |
| |
| 引用本文: | 郭玮,茅兵,谢立.强制访问控制MAC的设计及实现[J].计算机应用与软件,2004,21(3):1-2,13. |
| |
| 作者姓名: | 郭玮 茅兵 谢立 |
| |
| 作者单位: | 南京大学计算机软件新技术国家重点实验室,南京,210093 |
| |
| 基金项目: | 国家 863高科技项目基金 (编号 :2 0 0 1A1 4 4 0 1 0 )资助 |
| |
| 摘 要: | 访问控制是计算机信息保护中极其重要的一个环节,本文针对自主访问控制的缺陷,介绍了更强力的强制访问控制(MAC),强制访问控制是根据客体中信息的敏感标记和访问敏感信息的主体的访问级对客体访问实行限制的一种方法。本文在简单介绍了强制访问控制的优点后给出了它的形式化定义及其基本规则,最后介绍了由笔者等开发的一个安全操作系统softos中强制访问控制模块的具体设计及实现。
|
| 关 键 词: | 计算机安全 信息保护 强制访问控制 自主访问控制 |
MADANTOTY ACCESS CONTROL(MAC) DESIGN AND IMPLEMENTATION |
| |
| Guo Wei,Mao Bing,Xie Li.MADANTOTY ACCESS CONTROL(MAC) DESIGN AND IMPLEMENTATION[J].Computer Applications and Software,2004,21(3):1-2,13. |
| |
| Authors: | Guo Wei Mao Bing Xie Li |
| |
| Abstract: | Access control is a very important aspect of the computer information protection,but Discretionary Access Control has many shortcoming in doing that.In this paper,we introduce a more powerful method,Madatory Access Control(MAC).MAC is a method that limit a subject's access to an object according to some sensitive labels of the information in an object and the access levels of the subject of the access.Fisrt we present the advantages of MAC in brief.Following that a formal definition and some basic rules are given.And then this paper introduces the design and implementation of MAC module in a secure operating system named SoftOS which is developed by the writers and their colleague. |
| |
| Keywords: | Access control Mandatory access control(MAC) Security Operating system |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
