| 改进的操作系统安全访问控制模型 |
| |
| 引用本文: | 权义宁,胡予濮. 改进的操作系统安全访问控制模型[J]. 西安电子科技大学学报(自然科学版), 2006, 33(4): 539-542 |
| |
| 作者姓名: | 权义宁 胡予濮 |
| |
| 作者单位: | [1]西安电子科技大学计算机网络与信息安全教育部重点实验室,陕西西安710071 [2]西安电子科技大学计算机学院,陕西西安710071 |
| |
| 摘 要: | 提出了一个基于多级安全策略的强制访问控制模型.它的保密性安全规则是基于BLP模型.而完整性安全规则是基于Biba模型.由于BLP模型和Bih模型的信息流走向完全相反.简单将它们结合会引起对某些客体进行合法的访问遭到拒绝.因此对主体和客体引入了可信度策略.使得主体在进行合法的资源访问时不会因为安全级别较低而遭到拒绝.从而使保密性和完整性两个安全特性能够紧密地结合在一起.该模型既能防止越权泄露信息.又能控制信息的非授权修改.从而同时保证了系统的保密性和完整性。
|
| 关 键 词: | 多级安全策略 强制访问控制 安全模型 操作系统 |
| 文章编号: | 1001-2400(2006)04-0539-04 |
| 收稿时间: | 2005-08-19 |
| 修稿时间: | 2005-08-19 |
An improved secure access control model in Operating System |
| |
| QUAN Yi-ning,HU Yu-pu. An improved secure access control model in Operating System[J]. Journal of Xidian University, 2006, 33(4): 539-542 |
| |
| Authors: | QUAN Yi-ning HU Yu-pu |
| |
| Affiliation: | (1) Ministry of Edu. Key Lab. of Computer Networks & Information Security, Xidian Univ., Xi′an 710071, China;(2) School of Computer Science, Xidian Univ., Xi′an 710071, China |
| |
| Abstract: | A mandatory secure access control model named SOSACM of Operating System that is based on the multi-level security policy is put forward. Its confidetiality inherits the BLP model, and its definition of integrity is on the basis of Biba model. But in fact, the simple conjunct of BLP and Biba models will make some legal object not accessible because the directions of information flow in the BLP model and integrity in the Biba model are opposite. In the model, a trusted level strategy that makes the combination of confidentiality and integrity property fight has been devdoped, which should ensure that subjects can access objects legally. The model will be beneficial to its application to constructing secure Operating Systems in future. |
| |
| Keywords: | multi--level security strategy mandatory access control security model operating system |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《西安电子科技大学学报(自然科学版)》浏览原始摘要信息 |
|
点击此处可从《西安电子科技大学学报(自然科学版)》下载全文 |
