摘要
在高安全领域,XML文档中可能包含不同程度的敏感信息,需要受到强制访问控制策略的保护。为确保高敏感数据的完整性,在BLP模型的基础上对主体和客体的安全标签进行改进,提出EBLP模型,讨论在该模型下的安全标签分配问题,研究该模型的体系结构并给出XML文档的访问控制算法。
In the high security fields, XML documents may include information at different levels of sensitivity. It should be protected by Mandatory Access Control(MAC) policy. In order to maintain the integrality of data at high levels of sensitivity, the security labels of subjects and objects are improved. An extended MAC model called EBLP is proposed on the basis of BLP model. Security label assignment are discussed. The architecture and the access control arithmetic used to implement the fine-grained EBLP model are discussed.
出处
《计算机工程》
CAS
CSCD
北大核心
2011年第14期123-124,127,共3页
Computer Engineering
基金
重庆市科委自然科学基金资助项目(CSTC
2008BB2320)
关键词
可扩展标记语言
安全标签
强制访问控制
EBLP模型
访问控制
eXtensible Markup Language(XML)
security label
Mandatory Access Control(MAC)
EBLP model
access control