期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

改进的操作系统安全访问控制模型 被引量:5

An improved secure access control model in Operating System
下载PDF
导出
摘要 提出了一个基于多级安全策略的强制访问控制模型,它的保密性安全规则是基于BLP模型,而完整性安全规则是基于Biba模型.由于BLP模型和Biba模型的信息流走向完全相反,简单将它们结合会引起对某些客体进行合法的访问遭到拒绝,因此对主体和客体引入了可信度策略,使得主体在进行合法的资源访问时不会因为安全级别较低而遭到拒绝,从而使保密性和完整性两个安全特性能够紧密地结合在一起.该模型既能防止越权泄露信息,又能控制信息的非授权修改。 A mandatory secure access control model named SOSACM of Operating System that is based on the multi-level security policy is put forward. Its confidetiality inherits the BLP model, and its definition of integrity is on the basis of Biba model. But in fact, the simple conjunct of BLP and Biba models will make some legal object not accessible because the directions of information flow in the BLP model and integrity in the Biba model are opposite. In the model, a trusted level strategy that makes the combination of confidentiality and integrity property fight has been devdoped, which should ensure that subjects can access objects legally. The model will be beneficial to its application to constructing secure Operating Systems in future.
作者 权义宁 胡予濮
机构地区 西安电子科技大学计算机网络与信息安全教育部重点实验室
出处 《西安电子科技大学学报》 EI CAS CSCD 北大核心 2006年第4期539-542,共4页 Journal of Xidian University
基金 国家自然科学基金资助项目(60273084)
关键词 多级安全策略 强制访问控制 安全模型 操作系统 multi--level security strategy mandatory access control security model operating system
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献2

二级参考文献5

  • 1吴哲辉(译),Petri网理论与系统模拟,1988年
  • 2Bell D.E., Lapadula L.J.. Secure computer systems. Mitre Corporation, Bedford, MA, USA: Technical Report MTR-2547 (Vol Ⅰ-Ⅲ), 1973
  • 3Biba K.J.. Integrity considerations for secure computer systems. Mitre Corporation, Bedford, MA, USA: Technical Report MTR-3153, 1977
  • 4Di Vito Ben L., Palmquist P.H., Anderson E.R., Johnston M.L.. Specification and verification of the ASOS kernel. In: Proceedings of the 1990 IEEE Computer Society Symposium on Research in Security and Privacy, Oakland, California, 1990, 61~74
  • 5Waldhart N.A.. The army secure operating system. In: Proceedings of the 1990 IEEE Computer Society Symposium on Research in Security and Privacy, Oakland, California, 1990, 50~60

共引文献32

同被引文献31

  • 1蔡谊,郑志蓉,沈昌祥.基于多级安全策略的二维标识模型[J].计算机学报,2004,27(5):619-624. 被引量:28
  • 2卿斯汉,朱继锋.安胜安全操作系统的隐蔽通道分析[J].软件学报,2004,15(9):1385-1392. 被引量:19
  • 3崔宾阁,刘大昕.基于信息流图的隐通道分析技术研究[J].哈尔滨工程大学学报,2006,27(5):742-747. 被引量:2
  • 4Bell D.E , Lapadula L J.Secure Computer Systems[R]. USA: Technical Report MTR-2457, 1973
  • 5Bell T Y L, LaPadula A. A "New" Paradigm for an "Old" Model[C]. Proceedings of the 1992-1993 Workshop on New Security Paradigms,1993:82-93
  • 6Feiertag R J, Levitt K N, Robinson L. Proving Multilevel Security of a System Design[C]. Proc. of the 6th ACM Symp. on Operating Syst. Principles, 1977:57-65
  • 7Di Vito L, Palmquist P H ,Anderson E R ,et al. Sepcification and Verification of the ASOS Kernel [A ] . Proceedings of the 1990 IEEE Computer Society Symposium on Research in Security and Privacy[C] . Oakland : IEEE , 1990: 61-74
  • 8Wright C,Oakland C,Smalley S. Linux Security Modules: General Security Support for the Linux Kernel[EB/OL]. http: //lsm.immunix.org/2002-06
  • 9BELL D E, LAPADULA L J. Secure Computer Systems[R]. USA: Technical Report MTR-2457, 1973.
  • 10BELL T Y L, LAPADULA A. A "new" paradigm for an "old" model[A]. Proceedings of the 1992-1993 Workshop on New Security Paradigms[C]. 1993.82-93.

引证文献5

二级引证文献20

西安电子科技大学学报
2006年 第4期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部