Formal Analysis on an Extended Security Model for Database Systems

Formal Analysis on an Extended Security Model for Database Systems

下载PDF

导出

摘要 In order to develop highly secure database systems to meet the requirements for class B2, the BLP （Bell-LaPudula） model is extended according to the features of database systems. A method for verifying security model for database systems is pro- posed. According to this method, an analysis by using Coq proof assistant to ensure the correctness and security of the extended model is introduced. Our formal security model has been verified secure. This work demonstrates that our verification method is effective and sufficient. In order to develop highly secure database systems to meet the requirements for class B2, the BLP （Bell-LaPudula） model is extended according to the features of database systems. A method for verifying security model for database systems is pro- posed. According to this method, an analysis by using Coq proof assistant to ensure the correctness and security of the extended model is introduced. Our formal security model has been verified secure. This work demonstrates that our verification method is effective and sufficient.

作者 ZHU Hong ZHU Yi LI Chenyang SHI Jie FU Ge WANG Yuanzhen

机构地区 Database and Multimedia Technology Research Institute

出处《Wuhan University Journal of Natural Sciences》 CAS 2008年第5期519-522,共4页 武汉大学学报（自然科学英文版）

基金 the National High Technology Research and Development Program of China (2006AA01Z430)

关键词 Bell-LaPudula （BLP） model security model COQ integrity constraints Bell-LaPudula （BLP） model security model Coq integrity constraints

分类号 TP309.2 [自动化与计算机技术—计算机系统结构]

引文网络
相关文献

参考文献3

1李丽萍,卿斯汉,周洲仪,何建波,温红子.安全策略模型规范及其形式分析技术研究[J].通信学报,2006,27(6):94-101. 被引量：2
2何建波,卿斯汉,王超.对一类多级安全模型安全性的形式化分析[J].计算机学报,2006,29(8):1468-1479. 被引量：10
3程万军,张霞,刘积仁.基于扩展客体层次结构的安全数据库策略模型[J].软件学报,2003,14(5):955-962. 被引量：2

二级参考文献47

1季庆光,卿斯汉,贺也平.一个改进的可动态调节的机密性策略模型[J].软件学报,2004,15(10):1547-1557. 被引量：33
2Denartment of Defense Standard.Department of defense trusted comouter system evaluation criteria.DOD 5200.28-STD,1985.
3National Compmer Security Center.Trusted database interpretation of the trusted computer systems evaluation criteria.NCSC—TG-021,National Computer Security Center,1991.
4The International Organization for Standardization.Common criteria for information technology security evaluation.ISO／IEC 15408:1999(E),1999.
5Bell DE,LaPadula LJ.Secure computer systems:Unified exposition and multics interpretation.Technical Report,MTR-2997,Bedford,MITRE Corporation,1976.
6Gong L,Qian XL.Enriching the expressive power of security labels.IEEE Transactions on Knowledge and Data Engineering,1995,7(5):839-841.
7Foley SN,Gong L,Qian XL.A security model of dynamic labeling providing a tiered approach to verification.In:Proceedings of the IEEE Symposium on Security and Privacy.Oakland,1996.142～153.
8Sandhu R,Chen F.Themultilevel relational(MLR)data model.ISSE-TR-95-101,George Mason University,1995.
9Pernul G.Tioa AM,Winiwarter W.Modeling data secrecy and integrity.Data ＆ Knowledge Engineering,1998,26:291～308.
10Atluri V,Jajodia S,Keefe TF,McCollum C,Mukkamala R.Multilevel Secure transaction processing:Status and prospects Database Security X:Status and Prospects.London:Chapman ＆ Hall,1997.79～98.

共引文献10

1司天歌,谭智勇,戴一奇.一种对多级安全模型安全性的分析方法[J].计算机研究与发展,2008,45(10):1711-1717. 被引量：15
2曹玉林,武君胜.基于网络的档案管理信息系统的设计与研究[J].计算机工程与设计,2009,30(6):1532-1535. 被引量：4
3张洪军,虞俊.多级安全系统中数据聚合的无干扰属性[J].计算机工程与设计,2009,30(21):4848-4850.
4周洲仪,贺也平,梁洪亮.基于Biba和Clark-Wilson策略的混合强制完整性模型[J].软件学报,2010,21(1):98-106. 被引量：8
5邢洪智,罗颖,罗长远,霍士伟.移动环境中多级网络安全切换策略设计[J].计算机工程与应用,2011,47(36):127-130.
6刘波,陈曙晖,邓劲生.Bell-LaPadula模型研究综述[J].计算机应用研究,2013,30(3):656-660. 被引量：7
7白玮,吴强,张学平.适用多级安全网络的BLP改进模型[J].计算机应用,2013,33(A01):134-136. 被引量：2
8王榕,张敏,冯登国,李昊.数据库形式化安全策略模型建模及分析方法[J].通信学报,2015,36(9):193-203. 被引量：2
9贾觐.信息安全等级保护制度在计算机网络搭建中的应用[J].信息与电脑,2019,0(12):203-204. 被引量：6
10曾爱林.基于web的网络数据库安全体系的建立与完善[J].湘潭师范学院学报（自然科学版）,2004,26(2):69-72. 被引量：4

1LIU Yi-he.Read-write rule property research of the combined function about the confidentiality and integrality[J].通讯和计算机（中英文版）,2008,5(5):40-42. 被引量：1
2XIAO Meihua JIANG Yun LIU Qiaowei.On Formal Analysis of Cryptographic Protocols and Supporting Tool[J].Chinese Journal of Electronics,2010,19(2):223-228. 被引量：6
3Qin Yu,Zhao Shijun,Zhang Qianying.Formal Analysis of Trusted Platform Module Commands for Compromising User Key[J].China Communications,2012,9(10):91-102. 被引量：2
4董玲,陈克非,来学嘉.Formal Analysis of Authentication in 802.11i[J].Journal of Shanghai Jiaotong university(Science),2009,14(1):122-128.
5罗三强,汪绍荣.电子商务系统开发过程中的安全设计[J].商场现代化,2008(9):139-139. 被引量：2
6汪绍荣,朱银芳.MIS开发过程中的安全设计研究探讨[J].牡丹江大学学报,2007,16(8):91-93.
7Zhikun CHEN,Shuqiang YANG,Shuang TAN,Li HE,Hong YIN,Ge ZHANG.A new fragment re-allocation strategy for NoSQL database systems[J].Frontiers of Computer Science,2015,9(1):111-127. 被引量：3
8WANG Juan,HU Hongxin,ZHAO Bo,YAN Fei,ZHANG Huanguo,WU Qianhong.Formal Analysis of Information Card Federated Identity-Management Protocol[J].Chinese Journal of Electronics,2013,22(1):83-88.
9吴娴,钱培德.一个多策略安全模型的研究与设计[J].计算机科学,2008,35(6):71-73. 被引量：3
10张海帆,赵娟,曹国勇.MIS开发过程中的安全设计研究[J].宜春学院学报,2007,29(2):86-88.

Wuhan University Journal of Natural Sciences

2008年第5期

浏览历史

内容加载中请稍等...

Formal Analysis on an Extended Security Model for Database Systems

参考文献3

二级参考文献47

共引文献10

相关作者

相关机构

相关主题

浏览历史