摘要
虽然MLS(multilevel security)被广泛应用于各种安全系统,但是它不能实现信道控制等重要的安全策略.将可信级别的概念引入到MLS中,使其可以方便地实现各种信道控制策略.建立了一个实现这种基于可信级别的多级安全策略的访问控制状态机模型,并证明其对定义的策略是安全的,而且可以实现所有静态信息流策略.另外,还扩展了该模型,使其可以支持存储对象安全属性的动态改变.该模型克服了MLS不能解决安全降级问题以及不考虑完整性的缺点,同时又保留了传统分级策略模型易理解、易使用的优点.
MLS (multilevel security) is being widely applied in many security critical systems, but it can't implement many important security policies such as channel-control. In this paper, the concept of trust degree is introduced into the MLS to implement policies like channel-control conveniently. An access control state machine model which enforces the trust degree based multilevel security policy is established, and is proved to be secure for this policy. It is also proved that this model can enforce all static information flow policies. An extension of the model is also offered to support the dynamic change of storage objects' security labels. The model avoids the disadvantage of MLS' not being able to resolve the problem of secure downgrading and not taking integrity into consideration, and at the same time it retains the advantage of easy understanding and use enjoyed by the traditional classified policy models.
出处
《软件学报》
EI
CSCD
北大核心
2004年第11期1700-1708,共9页
Journal of Software
基金
江苏省自然科学基金~~