摘要
为解决当前系统环境中应用安全与系统安全互相独立而存在的问题,提出了安全管道和TCB扩展的概念,给出了安全管道的形式化描述,并抽象出一种基于安全管道的TCB扩展模型,说明如何利用TCB扩展构建安全机制间的信息交互机制,以实现不同安全机制之间的统一.通过对TCB扩展模型的安全性分析,进一步说明了模型的科学性和现实可行性.
To solve the problems derived from isolation of application security mechanism and operation system security mechanism, firstly, the concept of security channel and TCB extension was proposed, and then formal description of security channel was given. By practices, a TCB extension model which based on security channel was obtained. This model could be used to explain how to build security channel between different security mechanisms in order to achieve uniform and eliminate conflicts of those security mechanisms. Finally the theory and practicality of this model with security analysis and engineering implementation were proven.
出处
《北京工业大学学报》
EI
CAS
CSCD
北大核心
2010年第5期592-596,共5页
Journal of Beijing University of Technology
基金
国家“八六三”计划资助项目(2009AA01Z437)
国家“九七三”计划资助项目(2007CB311100)
信息安全国家重点实验室开放课题
关键词
TCB扩展
安全管道
应用安全机制
系统安全机制
TCB extension
security channel
application security mechanism
operation system security mechanism