期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于动态联盟关系的中国墙模型研究 被引量:3

Chinese wall model based on dynamic alliance
下载PDF
导出
摘要 BN中国墙模型及其诸多变种对写操作约束过强,从而导致在利用冲突关系进行资源划分时,需要事先静态划分访问区域。提出了一种基于动态联盟关系的中国墙模型,该模型通过建立联盟关系实现对利益冲突关系的扩展,从而动态地构建访问区域。证明了该模型能实现与BN中国墙模型相同的安全目标,并通过应用分析展示了该模型可以用于虚拟机系统的隐形流控制。 The conflict of interest relation defined in BN Chinese wall model was usually utilized to divide the resources into different access regions. Unfortunately, the Chinese wall model gave much constraint on write permission that the access regions need to be predetermined and divided statically. A modified version of Chinese wall model was proposed to solve this problem. Through establishing dynamic alliance to extend the conflict of interest relation, the objects of different conflict classes could be dynamically divided into different access regions. Finally, a theory was verified that the modified version of Chinese wall model could achieve the same security goal as BN Chinese wall model. The analysis shows that the model can be applied in covert flows confinement in virtual machine system.
作者 程戈 金海 邹德清 赵峰
机构地区 华中科技大学计算机学院
出处 《通信学报》 EI CSCD 北大核心 2009年第11期93-100,共8页 Journal on Communications
基金 国家重点基础研究发展计划("973"计划)基金资助项目(2007CB310900)~~
关键词 访问控制 中国墙模型 冲突关系 动态联盟关系 access control Chinese wall policy conflict of interest dynamic alliance
分类号 TP309.2 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献17

  • 1BREWER D F C, NASH M J. The Chinese wall security policy[A]. Proceedings of the 1989 IEEE Symposium on Security and Privacy[C]. Oakland, CA, USA, 1989. 206 -214.
  • 2LIN T Y. Chinese wall security policyan aggressive model[A]. Fifth Annual Computer Security Applications Conference[C]. Tucson, Arizona, USA, 1989. 282-289.
  • 3MEADOWS C. Extending the brewer hash model to a multilevel context[A]. Proc of the 1990 IEEE Symposium on Research in Security and Privacy[C]. Oakland, CA, 1990. 95-102.
  • 4SOBEL A E K, ALVES F J. A trace-based model of the Chinese wall security policy[A]. Proceedings of the 22nd National Information Systems Security Conference[C]. Arlington, Virginia, USA, 1999.
  • 5LINT Y. Chinese wall security model and conflict analysis[A]. The 24th Annual International Computer Software and Applications Conference[C]. Taiwan, China, 2000. 122-127.
  • 6KESSLER V. On the Chinese wall model[A]. Computer Security--ESORICS 92[C]. Toulouse, France, 1992.41-54.
  • 7SANDHU R. A lattice interpretation of the Chinese wall policy[A]. Proc of the 15th NIST--NCSC National Computer Security Conference[C]. Washington, USA,1992. 329-339.
  • 8何永忠,李晓峰,冯登国.RBAC实施中国墙策略及其变种的研究[J].计算机研究与发展,2007,44(4):615-622. 被引量:10
  • 9秦超,陈钟,段云所.Chinese Wall策略及其在多级安全环境中的扩展[J].北京大学学报(自然科学版),2002,38(3):369-374. 被引量:8
  • 10FOLEY S N. Building Chinese walls in standard unixTM[J]. Unix Computers and Security Journal, ACM, 1997, 16(6): 551-563.

二级参考文献12

  • 1D Brewer,M Nash.The Chinese Wall security policy[C].In:Proc of the IEEE Symposium on Research in Security and Privacy.Los Alamitos,CA:IEEE Computer Society Press,1989.206-214
  • 2K Bell,L J LaPadula.Secure computer systems:Unified exposition and multics interpretation[R].MITRE Corporation,Tech Rep:MTR-2997,1976
  • 3R Sandhu.A lattice interpretation of the Chinese wall policy[C].In:Proc of the 15th NIST-NCSC National Computer Security Conference.Washington:United States Government Printing Office,1992.329-339
  • 4R S Sandhu,E J Coyne,H L Feinstein,et al.Role-based access control[J].IEEE Computer,1996,29(2):38-47
  • 5S Osborn,R Sandhu.Configuring role-based access control to enforce mandatory and discretionary access control policies[J].ACM Trans on Information and System Security,2000,3(2):85 -106
  • 6Q Zhao,Y Sun.Configuring role-based access control to enforce Chinese Wall policy[C].The 6th Int'l Conf for Yonger Computer Scientists,Hangzhou,2001
  • 7Philip W L Fong.Access control by tracking shallow execution history[C].In:Proc of the 2004 IEEE Symp on Security and Privacy.Los Alamitos,CA:IEEE Computer Society Press,2004.43-55
  • 8G-J Ahn,R Sandhu.Role-based authorization constraints specification[J].ACM Trans on Information and System Security,2000,3(4):207-226
  • 9Brewer D,Nash M.The Chinese Wall Security Policy[]..1999
  • 10Sobel A E K,Alves-Foss J.A Trace-Based Model of the Chinese Wall Security Policy[]..1999

共引文献14

同被引文献28

  • 1刘谦,王观海,翁楚良,骆源,李明禄.A Mandatory Access Control Framework in Virtual Machine System with Respect to Multi-level Security Ⅱ:Implementation[J].China Communications,2011,8(2):86-94. 被引量:5
  • 2何永忠,李晓峰,冯登国.RBAC实施中国墙策略及其变种的研究[J].计算机研究与发展,2007,44(4):615-622. 被引量:10
  • 3WANG Zhi, JIANG Xu-xian. HyperSafe : a lightweight approach to pro- vide lifetime hypervisor control-flow integrity [ C ]//Proc of IEEE Sym- posium on Security and Privacy. 2010:380-395.
  • 4SALAUM M. Practical overview of a Xen covert channel [ J ]. Journal in Computer Virology,2010,6(4) :317-328.
  • 5RANJITH P,PRIYA C ,SHALINI K. On covert channels between virtu- al machines [ J ]. Journal in Computer Virology,2012,8 (3) :85 - 97.
  • 6OKAMURA K, OYAMA Y. Load-based covert channels between Xen virtual machines[ C ]//Proc of the 25th Annum ACM Symposium on Applied Computing. Sierre: Association for Computing Machinery, 2010 : 173-180.
  • 7WU Jing-zheng, DING H-ping, WANG Yong-ji, et al. Identification and evaluation of sharing memory covert timing channel in Xen virtual machines [ C ]//Proc of the 4th IEEE International Conference on Cloud Computing. Los Alamitos, CA : IEEE Computer Society, 2011 : 283-291.
  • 8SAILER R, VALDEZ E, JAEGER T, et al. sHype : secure hypervisor approach to trusted virtualized systems, RC23511 [ R ]. [S. l. ] :IBM, 2005.
  • 9CHENG Ge, JIN Hai-jin,ZOU De-qing, etal. A prioritized Chinese wall model for managing the covert information flows in virtual machine sys- tems[ C]//Proc of the 9th International Conference for Young Comput- er Scientists. Los Alamitos : IEEE Computer Society,2008.
  • 10FOLEY S N. Building Chinese Wails in standard UNIXTM [ J ]. Com- puters & Security,1997,16(6) :551-563.

引证文献3

二级引证文献6

通信学报
2009年 第11期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部