摘要
在分析BLP模型和RBAC模型及其相关衍生模型的基础上,提出一种改进的模型。改进模型主要有4个重要特点:(1)实施完整性控制,保证信息流上写安全性;(2)限定可信主体,赋予其余主体有限特权;(3)实施RBAC模型,分配角色和权限;(4)引入审计机制,提供策略监控。实验结果表明,改进后的模型在完善安全性的同时提高了实用性。
On the basis of the BLP model and RBAC model,a new improved multiple-level model is presented.The improved model has four important features:(1)carry out the control of integrity;(2)constrain the trusted subject and limit the right of other subjects;(3)realize RBAC model to assign the role and the permission;(4)fulfill the audit mechanism rules to monitor the security policy.Experimental results show that the improved model increases security and the usability.
出处
《计算机工程与应用》
CSCD
北大核心
2011年第4期77-80,共4页
Computer Engineering and Applications
基金
国家支撑计划(No.2008BAH21B03)
浙江省科技计划(No.2007C11088)
浙江省重大专项(No.2007C11068)