期刊文献+

基于管道的TCB扩展模型 被引量:2

Channel-Based TCB Extension Model
下载PDF
导出
摘要 为解决当前系统环境中应用安全与系统安全互相独立而存在的问题,提出了安全管道和TCB扩展的概念,给出了安全管道的形式化描述,并抽象出一种基于安全管道的TCB扩展模型,说明如何利用TCB扩展构建安全机制间的信息交互机制,以实现不同安全机制之间的统一.通过对TCB扩展模型的安全性分析,进一步说明了模型的科学性和现实可行性. To solve the problems derived from isolation of application security mechanism and operation system security mechanism, firstly, the concept of security channel and TCB extension was proposed, and then formal description of security channel was given. By practices, a TCB extension model which based on security channel was obtained. This model could be used to explain how to build security channel between different security mechanisms in order to achieve uniform and eliminate conflicts of those security mechanisms. Finally the theory and practicality of this model with security analysis and engineering implementation were proven.
出处 《北京工业大学学报》 EI CAS CSCD 北大核心 2010年第5期592-596,共5页 Journal of Beijing University of Technology
基金 国家“八六三”计划资助项目(2009AA01Z437) 国家“九七三”计划资助项目(2007CB311100) 信息安全国家重点实验室开放课题
关键词 TCB扩展 安全管道 应用安全机制 系统安全机制 TCB extension security channel application security mechanism operation system security mechanism
  • 相关文献

参考文献8

  • 1MOHAN C. Survey of recent operating systems research, designs and implementations[ J]. ACM SIGOPS Operating Systems Review, 1978, 12(1):53-89.
  • 2KRISTAL T P, SCOTT A B. Efficient access control for distributed hierarchical file systems[ C ]// Proceedings of the 22nd IEEE/13th NASA Goddard Conference on Mass Storage Systems and Technologies. Washington DC, USA: IEEE Computer Society, 2005: 253-260.
  • 3沈昌祥.构建积极防御综合防范的防护体系[J].信息安全与通信保密,2004(5):18-19. 被引量:19
  • 4PHILLIPS L. Windows Vista security: first impressions[ J]. Information Security Tech Report, 2006, 11 (4) : 176-185.
  • 5MICHAEL H, STEVE L. Inside the Windows security push[J]. IEEE Security and Privacy, 2003, 1( 1 ) : 57-61.
  • 6NIK O. Overview of Windows NT security subsystem[J]. Sys Admin, 1998, 7(7) : 8-16.
  • 7BOB R. Inside Windows NT security[J]. Windows/DOS Developer's Journal, 1993, 4(4) : 6-19.
  • 8MICK B. Paranoid penguin: introduction to SELinux[ J] Linux Journal, 2007, 2007(154) : 1-15.

共引文献18

同被引文献13

  • 1沈昌祥,张焕国,王怀民,王戟,赵波,严飞,余发江,张立强,徐明迪.可信计算的研究与发展[J].中国科学:信息科学,2010,40(2):139-166. 被引量:253
  • 2Department of Defense.DOD 5200.28-STD Trusted Computer System Evaluation Criteria[S].December 1985.
  • 3Ye Z, Smith S.Trusted paths for browsers:an open-source solution to Web spoofing[C]//Proceedings of the 11th USENIX Security Symposium, 2002: 263 -279.
  • 4Rushby J.Noninterference, transitivity, and channel-control security policies, Tech Rep: CSL-92-02[R].Stanford Research Institute, 1992.
  • 5GB17859-1999.计算机信息系统安全保护等级划分准则[S].[S].,1999..
  • 6CSC-STD-001-83. Department of defense trusted computer sys- tem evaluation criteria [S]. 2000.
  • 7Tsai Wei-Tek. Service-oriented cloud computiilg architecture [C] //Tth International Conference on Information Technolo- gy: New Generations, 2010: 684-689.
  • 8Canetti R, Shahad D, Vald M. Composable authentication with global PKI [ DB/OL]. http: //eprint. iacr. org/2014/ 432. pdf, 2014.
  • 9Neal Koblitz, Alfred Menezes. Another look at HMAC [J]. Journal of Mathematical Cryptology, 2013, 7 (3): 225-251.
  • 10Muntean C, Dojen R, Coffey T. Establishing and preventing a new replay attack on a non repudiation protocol [C] //IEEE 5th International Conference on Intelligent Computer Commu- nication and Processing, 2009: 283-290.

引证文献2

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部