期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种基于通信信道容量的多级安全模型 被引量:6

A Multilevel Security Model Based on Communication Channel Capacity
下载PDF
导出
摘要 安全模型有多种代表模型,如BLP模型和不可推断模型等.这些模型在理论描述或者实际应用方面存在一定的局限性,如BLP模型未能考虑隐蔽通道,不可推断模型不适应非确定系统.针对这些模型的不足,本文在BLP模型基础上,考虑了隐蔽通道的特性,提出了泄密通道有限容忍的通信信道模型,该模型能通过调节泄密通道信道容量上限来平衡实际系统可用性和安全性. Many typical security models have been proposed,such as the BLP model and the nondeducibility model,however,these models have some disadvantages and limitations in theoretical analysis or implementation respectively.For instance,BLP model did not take the covert channel into account,and the nondeducibility model cannot be applied to the nondeterministic systems.Considering these shortages brought about by the existing works,this paper take the properties of the covert channel as a main consideration,and propose a novel finite-information-leakage-tolerance communication channel model based on the BLP model.The proposed model finds a tradeoff between the availability and security of the practical system by adjusting the upper bound of the channel capacity of the information leakage.
作者 刘雄 卓雪君 汤永利 戴一奇
机构地区 清华大学计算机科学与技术系
出处 《电子学报》 EI CAS CSCD 北大核心 2010年第10期2460-2464,共5页 Acta Electronica Sinica
关键词 安全模型 BLP模型 隐蔽通道 通信信道模型 security model BLP model covert channel communication channel model
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献13

  • 1Bell D E,LaPadula L J.Secure computer system:Unified exposition and MULTICS interpretation .Bedford,MA:The MITRE Corporation,1976.
  • 2Goguen J,Meseguer J.Security policies and security models .Proceedings of IEEE Symposium on Security and Privacy,1982 .Los Alamitos:IEEE Computer Society Press,1982.11-20.
  • 3Denning D E.A lattice model of secure information flow[J].Communication of the ACM,1976,19(5):236-243.
  • 4Sutherland D,A model of information .Proc of the 9th National Computer Security Conference .Gaithersburg,MD:National Bureau of Standards,National Computer Security Center,1986.175-183.
  • 5谭智勇,刘铎,司天歌,戴一奇.一种具有可信度特征的多级安全模型[J].电子学报,2008,36(8):1637-1641. 被引量:13
  • 6司天歌,张尧学,戴一奇.局域网络中的L-BLP安全模型[J].电子学报,2007,35(5):1005-1008. 被引量:16
  • 7Lampson,Butler W.A note on the confinement problem[J].Communications of the ACM,1973,16(10):613-615.
  • 8J Todd Wittbold,Dale M Johnson.Information flow in nondeterministic systems .In Proceedings of the 1990 IEEE Computer Society Symposium on Computer Security and Privacy .Oakland,CA:IEEE,1990.144-161.
  • 9DoD 5200.28-STD,Trusted computer system evaluation criteria[S].
  • 10Gray,James W Ⅲ.Toward a mathematical foundation for information flow security .Proceedings of the Symposium on Security and Privacy .Oakland,CA:IEEE Computer Society,1991.21-34.

二级参考文献15

  • 1季庆光,卿斯汉,贺也平.一个改进的可动态调节的机密性策略模型[J].软件学报,2004,15(10):1547-1557. 被引量:33
  • 2Lawrence A G,et al.2006 CSI/FBI Computer crime and security survey[R].San Francisco,CA:Computer Security Institute,2006.
  • 3President's Information Technology Advisory Committee.Cyber security:A crisis of prioritization[R].Arlington,Virginia:National Coordination Office for Information Technology Research and Development,2005.
  • 4Bell D E.,LaPadula L J.Secure computer system:Unified exposition and MULTICS interpretation[R].Bedford,MA:The MITRE Corporation,1976.
  • 5Bell D E,LaPadula L J.Secure computer system:Mathematical foundations[R].Bedford,MA:Electronic Systems Dvision,Air Force System Command,Hanscom AFB,1973.
  • 6Bell D E,LaPadula L J.Secure computer system:A mathematical model[R].Bedford,MA:Electronic Systems Dvision,Air Force System Command,Hanscom AFB,1973.
  • 7Bell D E.Looking back at the Bell-La Padula model[A].Proceedings of the 21st Annual Computer Security Applications Conference[C].Washington,DC:IEEE Computer Society,2005.337-351.
  • 8Rick Smith.Introduction to multilevel security[EB/OL].http://www.cs.stthomas.edu/faculty/resmith/r/mls/m3networks.html,2005.
  • 9Bell D E,LaPadula L J. Secure Computer System:Unified Exposition and Multics Interpretation [ R ]. MTR-2997, Bedford, MA:MITRE Corporation, 1976.
  • 10Bell D E,LaPadula L J. Secure Computer Systems:Mathematical Foundations[ R]. MTR-2547 Volume I, Bedford, MA: Electronic Systems Division,Air Force System Command, Hanscom AFB, 1973.

共引文献26

同被引文献90

引证文献6

二级引证文献21

电子学报
2010年 第10期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部