| 基于访问控制空间的多策略安全体系结构 |
| |
| 引用本文: | 李丽萍,卿斯汉,贺也平,沈晴霓.基于访问控制空间的多策略安全体系结构[J].通信学报,2006,27(2):107-112. |
| |
| 作者姓名: | 李丽萍 卿斯汉 贺也平 沈晴霓 |
| |
| 作者单位: | 中国科学院软件研究所,北京,100080;中国科学院研究生院,北京,100039 |
| |
| 基金项目: | 科技部科研项目;中国科学院资助项目 |
| |
| 摘 要: | 为解决LSM在策略重用和策略共存方面存在的问题,提出了一个新的安全体系结构ELSM,它引入一个模型组合器作为主模块实施模块堆栈管理和模块决策管理,其中模块决策的实施采用了访问控制空间的策略规范方法,可支持通用性,ELSM的设计及其在安胜OS安全操作系统中的实例分析表明其有效性。
|
| 关 键 词: | 安全体系结构 安全策略模型 Linux安全模块 策略规范 |
| 文章编号: | 1000-436X(2006)02-0107-06 |
| 收稿时间: | 2005-11-25 |
| 修稿时间: | 2005-11-252005-12-20 |
Security architecture to support multiple security policies based on access control space |
| |
| LI Li-ping,QING Si-han,HE Ye-ping,SHEN Qing-ni.Security architecture to support multiple security policies based on access control space[J].Journal on Communications,2006,27(2):107-112. |
| |
| Authors: | LI Li-ping QING Si-han HE Ye-ping SHEN Qing-ni |
| |
| Affiliation: | 1.Institute of Software, Chinese Academy of Sciences, Beijing 100080, China; 2.Graduate School of Chinese Academy of Sciences, Beijing 100039, China |
| |
| Abstract: | In order to solve the problems of policy reusability and policy co-existence in LSM, a new security architecture ELSM is proposed. It introduced Model Combiner as main module to implement module stack management and module decision management. Module decision is based on access control space as policy specification for general support. The design of ELSM and the analysis of its implementation in Ansheng OS prove its effectiveness. |
| |
| Keywords: | security architecture security policy model Linux security module policy specification |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《通信学报》浏览原始摘要信息 |
|
点击此处可从《通信学报》下载全文 |
