| 基于间接信息流约束的访问控制模型 |
| |
| 引用本文: | 王超.基于间接信息流约束的访问控制模型[J].计算机工程与设计,2012,33(7):2521-2525. |
| |
| 作者姓名: | 王超 |
| |
| 作者单位: | 解放军信息工程大学电子技术学院信息安全系,河南郑州,450000 |
| |
| 基金项目: | 国家973重点基础研究发展计划基金,河南省科技创新人才计划基金 |
| |
| 摘 要: | 为解决跨域跨系统环境下的违规间接信息流问题,提出了一种联合访问控制模型.通过记录系统中的访问行为,构建跨系统的信息流图;在此基础上给出信息流图的安全性定理,定义系统的安全状态;通过制定安全规则,约束跨域跨系统环境中的访问行为.基于安全熵对模型的安全性进行分析和验证,验证结果表明了模型在间接信息流的安全防护能力方面优于传统模型.
|
| 关 键 词: | 信息流图 跨域访问控制 间接信息流 访问控制模型 违规信息流 安全熵 |
Access control model based on indirect information flows restrains |
| |
| WANG Chao.Access control model based on indirect information flows restrains[J].Computer Engineering and Design,2012,33(7):2521-2525. |
| |
| Authors: | WANG Chao |
| |
| Affiliation: | WANG Chao(Department of Information Security,Institute of Electronic Technology,PLA Information Engineering University,Zhengzhou 450000,China) |
| |
| Abstract: | To solve the problem of conflicting information flow in cross-domain or cross-systems information systems,an union access control model is proposed.Firstly,the information flow graph is formed by recording the accesses in systems;Then,the security theorems of the information flow graph and security state of system are defined.The access behaviors in cross-domains or cross-systems information systems are restricted by rules.Finally,the model’s security are analyzed and validated based on security entropy,which indicates this model is better than others in the capability of indirect information flows protecting. |
| |
| Keywords: | information flow graph cross-domains access control indirect information flow access control model conflicting information flow security entropy |
| 本文献已被 CNKI 万方数据 等数据库收录! |
