摘要
在对操作系统目前流行的访问控制手段和Linux操作系统分析的基础上,探索了改进系统安全性的可行方案。重点研究了在操作系统中实现多种访问控制策略的方法,并利用访问控制通用框架(GFAC),探索了在单一操作系统内实现细粒度自主访问控制、基于Bell-LaPadula模型多级安全规则的安全性强制访问控制以及基于Biba模型的完整性强制访问控制等多种安全策略的方法。提出了可根据实际需要在操作系统中灵活选择、组合访问控制机制的方法。
Based on the analysis of the mainstream access control methods employed in current operating system and linux's operating system, this paper probes into the feasibility to improve the security of the operating system. Furthermore, it emphasizes the study of the ways to integrate several access control methods in one operating system. With the help of generalized framework for access control, we explore a model to integrate fine-grained automatic access control, multilevel security mandatory access control based on bell-lapadula model, integrity mandatory access control based on Biba model, etc. in one operating system. Based on this, it also proposes a way, through which users can select or integrate access control methods of operating systems according to their needs.
出处
《安庆师范学院学报(自然科学版)》
2004年第4期93-96,共4页
Journal of Anqing Teachers College(Natural Science Edition)