A Privilege Separation Method for Security Commercial Transactions 被引量：1

A Privilege Separation Method for Security Commercial Transactions

下载PDF

导出

摘要 Privilege user is needed to manage the commercial transactions, but a super-administrator may have monopolize power and cause serious security problem. Relied on trusted computing technology, a privilege separation method is proposed to satisfy the security management requirement for information systems. It authorizes the system privilege to three different managers, and none of it can be interfered by others. Process algebra Communication Sequential Processes is used to model the three powers mechanism, and safety effect is analyzed and compared.

作者 Chen Yasha Hu Jun Sun Yu Gai Xinmao

机构地区 Department of Electrical and Information Engineering School of Computer School of Computer

出处《China Communications》 SCIE CSCD 2010年第6期94-99,共6页 中国通信（英文版）

关键词 privilege separation fraud management security commercial transactions formal method 安全问题分离方法商业交易权限系统安全管理用户需要计算技术管理人员

分类号 TP393.08 [自动化与计算机技术—计算机应用技术] TP311.13 [自动化与计算机技术—计算机软件与理论]

引文网络
相关文献

参考文献2

1QING SiHan1,2 & SHEN ChangXiang3 1 Institute of Software, Chinese Academy of Sciences, Beijing 100080, China,2 School of Software and Microelectronics, Peking University, Beijing 102600, China,3 Institute of Computing Technology, Navy, Beijing 100841, China.Design of secure operating systems with high security levels[J].Science in China(Series F),2007,50(3):399-418. 被引量：5
2沈晴霓,卿斯汉,李丽萍.一种多层次特权控制机制的设计与实现[J].计算机研究与发展,2006,43(3):423-428. 被引量：1

二级参考文献14

1卿斯汉,朱继锋.安胜安全操作系统的隐蔽通道分析[J].软件学报,2004,15(9):1385-1392. 被引量：19
2季庆光,卿斯汉,贺也平.一个改进的可动态调节的机密性策略模型[J].软件学报,2004,15(10):1547-1557. 被引量：33
3卿斯汉.高安全等级安全操作系统的隐蔽通道分析[J].软件学报,2004,15(12):1837-1849. 被引量：31
4JIQingguang QINGSihan HEYeping.A new formal model for privilege control with supporting POSIX capability mechanism[J].Science in China(Series F),2005,48(1):46-66. 被引量：3
5JI Qingguang,QING Sihan,HE Yeping.A formal model for integrity protection based on DTE technique[J].Science in China(Series F),2006,49(5):545-565. 被引量：4
6D. Ferraiolo, J. Cugini, D. R. Kuhn. Role based access control(RBAC): Features and motivations. In: Proc.11th Annual Computer Security Applications Conf. Los Alamitos: IEEE Computer Society Press, 1995. 241-248.
7J. Hoffman. Implementing RBAC on a type enforced system. In:Proc. 13th Annual Computer Security Applications Conf. Los Alamitos: IEEE Computer Society Press, 1997. 158- 163.
8Ramaswamy Chandramouli. A framework for multiple authorization types in a heahhcare application system. In: Proc.17th Annual Computer Security Applications Conf. Los Alamitos:IEEE Computer Society Press, 2001. 137-148.
9Oingfeng He. Privacy enforcement with an extended role-based accesscontrol model. Department of Computer Science, North Carolina State University, USA, Tech. Rep.: TR-2003-09,2003.
10中国国家质量技术监督局．GBl7859-1999中华人民共和国国家标准—计算机信息系统安全保护等级划分准则．1999.

共引文献4

1Chang-da WANG,Shi-guang JU.Integrated criteria for covert channel auditing[J].Journal of Zhejiang University-Science A(Applied Physics & Engineering),2008,9(6):737-743.
2韩伟力,高珺,陈辰.面向客户端上下文隐私保护的可信分散式访问控制[J].计算机辅助设计与图形学学报,2009,21(11):1667-1675. 被引量：1
3ZHOU CongHua,LIU ZhiFeng,WU HaiLing,CHEN Song,JU ShiGuang.Symbolic algorithmic verification of intransitive generalized noninterference[J].Science China(Information Sciences),2012,55(7):1650-1665. 被引量：2
4SUN Cong,XI Ning,GAO Sheng,CHEN Zhong,MA JianFeng.Automated enforcement for relaxed information release with reference points[J].Science China(Information Sciences),2014,57(11):126-144.

同被引文献4

1杨涛,沈昌祥,陈福接.一个用于安全操作系统特权管理的改进Bell-La Padula模型[J].计算机研究与发展,1993,30(1):45-49. 被引量：7
2沈昌祥,张焕国,冯登国,曹珍富,黄继武.信息安全综述[J].中国科学（E辑）,2007,37(2):129-150. 被引量：358
3李勇,王飞,胡俊,沈昌祥.TCB可信扩展模型研究[J].计算机工程与应用,2010,46(13):1-3. 被引量：4
4申永波,蔡勉,胡俊,田健生.一种可信应用环境的构建方法[J].计算机工程,2010,36(19):59-61. 被引量：2

引证文献1

1盖新貌,沈昌祥,李勇,刘毅.一种面向结构化保护的组件层次划分方法[J].计算机工程与应用,2011,47(36):25-28. 被引量：1

二级引证文献1

1孙学波,李昕妍.分布式铁路车辆分布组件的设计与实现[J].计算机工程与设计,2014,35(1):163-170. 被引量：1

1Eric B. Rux,黄思维(译者).评测：组策略管理工具[J].Windows IT Pro Magazine（国际中文版）,2009(9):45-48.
2添.eToken／eSafe／Privilege SCP[J].软件世界,2004(5):96-96.
3叶克江.Delphi中简单权限设置方法[J].现代企业教育,2008(20):229-229.
4叶克江.Delphi简易权限设置方法[J].电脑编程技巧与维护,2009(4):16-17.
5元智博,王慧丽,张健,池亚平.基于PAC的Kerberos认证授权机制研究与改进[J].北京电子科技学院学报,2015,23(2):28-33.
6李昕昕,严张凌,王赛兰.改进的基于角色的通用权限管理模型及其实现[J].计算机技术与发展,2012,22(3):240-244. 被引量：10
7尹志兵,黄红明,熊桂喜.一种基于PMI的访问控制模型及其应用[J].计算机工程,2004,30(1):121-123. 被引量：7
8孙莉.Database Security and Supervisory Method in Oracle[J].Journal of China Textile University(English Edition),1999,16(1):78-80. 被引量：1
9ZHONG An-ming 1, JIA Chun-fu 1,21.College of Information Technology and Sciences, Nankai University, Tianjin 300071,China,2.State Key Laboratory of Information Security, Institute of Software of Chinese Academy of Science, Beijing 100039,China.Privilege Flow Oriented Intrusion Detection Based on Hidden Semi-MarkovModel[J].Wuhan University Journal of Natural Sciences,2005,10(1):137-141. 被引量：2
10JIQingguang QINGSihan HEYeping.A new formal model for privilege control with supporting POSIX capability mechanism[J].Science in China(Series F),2005,48(1):46-66. 被引量：3

China Communications

2010年第6期

浏览历史

内容加载中请稍等...