摘要
从讨论当前流行的访问控制策略的安全缺陷,及其与状态控制策略的互补性和完备性特征入手,分析了研究状态控制策略的必要性;定义了状态控制安全策略描述形式,并以XML语言为基础,制定策略描述基本规则;同时,按控制目标和控制对象的不同,给出了状态控制策略应用模式;此外,分析了状态控制策略的复杂性问题,并给出初步的解决思路。
By discussing the shortages of access control policy, and analyzing the complementarity and completeness between access control and state control, the necessity of state control was proposed. A formal description about state control policy was defined, and the policy's description rules based on XML were regulated. At the same time, according to different control goal and control object, some application patterns for state control policy were provided. In addition, the complexity of state control policy was discussed, and some solutions were provided.
出处
《计算机应用》
CSCD
北大核心
2012年第5期1375-1378,1384,共5页
journal of Computer Applications
基金
国家973计划项目(2011CB302301)
国防信息学院重点预研项目(ZXKT-KJ-1113)
关键词
状态控制
安全策略
形式描述
应用模式
复杂性分析
state control
security policy
formal description
application pattern
complexity analysis