A Logic-Based Safety Analysis Algorithm for Discretionary Access Control

A Logic-Based Safety Analysis Algorithm for Discretionary Access Control

导出

摘要 For the issue of the discretionary access control（DAC） model safety analysis,a logic method is proposed.This method takes the GD model as the classic DAC model and Prolog as the basic language to describe system states and state transfer rules.A general program based on this logic method is proposed for DAC safety analysis,but this program may never be terminal for some safety analysis goal.The safety analysis algorithm is achieved by simplifying the general program according to the property of the DAC model state transfer rules.This safety analysis algorithm is easier to understand and implement than the previous algorithms and its time complexity is O（N＋M＋T）,in which N,M,and T are the numbers of the rights with copy flag,the policies for right transferring,and the policies for right permitting,respectively. For the issue of the discretionary access control（DAC） model safety analysis,a logic method is proposed.This method takes the GD model as the classic DAC model and Prolog as the basic language to describe system states and state transfer rules.A general program based on this logic method is proposed for DAC safety analysis,but this program may never be terminal for some safety analysis goal.The safety analysis algorithm is achieved by simplifying the general program according to the property of the DAC model state transfer rules.This safety analysis algorithm is easier to understand and implement than the previous algorithms and its time complexity is O（N＋M＋T）,in which N,M,and T are the numbers of the rights with copy flag,the policies for right transferring,and the policies for right permitting,respectively.

作者 YAN Xuexiong WANG Qingxian ZHU Junhu XI Qi

机构地区 National Digital Switching System Engineering and Technological R&D Center

出处《Wuhan University Journal of Natural Sciences》 CAS 2012年第6期531-538,共8页 武汉大学学报（自然科学英文版）

基金 Supported by the National High Technology Research and Development Program of China (863 Program) (2007AA01Z471)

关键词 discretionary access control（DAC） safety analysis LOGIC state transfer discretionary access control（DAC） safety analysis logic state transfer

分类号 TP393 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献16

1Harrison M, Ruzzo W, Ullman J. Protection in operating systems [J]. Communications of ACM, 1976, 19(8): 461-471.
2Lipton R, Snyder L. A linear time algorithm for deciding subject security [J]. Journal of the ACM, 1977, 24(3): 455-464.
3Sandhu R. The schematic protection model: Its definition and analysis for acyclic attenuating schemes [J]. Journal of ACM, 1988, 35(2): 404-432.
4Sandhu R. The typed access matrix model [C]//Proc of 1992 IEEE Symposium on Security and Privacy. Los Alamitos: IEEE Computer Society Press, 1992: 122-136.
5Li N, Tripunitara M. Security analysis in role based access control [C]//Proc of the Ninth ACM Symposium on Access Control Models and Technologies (SACMAT 2004). New York: ACM Press, 2004: 126-135.
6Munawer Q, Sandhu R. Simulation of the augmented typed access matrix model (ATAM) using roles [EB/OL]. [2011-09-26]. http ://citeseerx. ist.psu, edu/viewdoc/download? doi= 10. 1.1.91. 612&rep=repl&type=pdf.
7杨秋伟,洪帆,杨木祥,朱贤.基于角色访问控制管理模型的安全性分析[J].软件学报,2006,17(8):1804-1810. 被引量：38
8Sasturkar A, Yang P, Stoller S. Policy analysis for administrative role based access control [C]//Proc of 19th IEEE Workshop on Computer Security Foundations. New York: IEEE Press, 2006: 183-196.
9刘强,姜云飞,饶东宁.基于Graphplan的ARBAC策略安全分析方法[J].计算机学报,2009,32(5):910-921. 被引量：9
10Jiang Yixin, Lin Chuang, Yin Hao, et al. Zhangxi T. Security analysis of mandatory access control model [C]//Proc of 2004 IEEE International Conference on Systems, Man and Cybernetics. New York: IEEE Press, 2004:5013-5018.

二级参考文献24

1杨秋伟,洪帆,杨木祥,朱贤.基于角色访问控制管理模型的安全性分析[J].软件学报,2006,17(8):1804-1810. 被引量：38
2Ferraiolo David, Kuhn Richard. Role-based access controls//Proceedings of the 15th NIST-NCSC National Computer Security Conference. Baltimore, MD, 1992:554-563
3Sandhu R, Coyne E J, Feinstein H L et al. Role-based access control models. IEEE Computer, 1996, 29(2): 38-47
4Sandhu Ravi, Bhamidipati Venkata, Munawer Qamar. The ARBAC97 model for role-based administration of roles. ACM Transactions on Information and System Security, 1999, 2(1):105-135
5Harrison M A, Ruzzo W L, Ullman J D. Protection in operating systems. Communications of the ACM, 1976, 19(8): 461-471
6Li N H, Winsborough W H, Mitchell J C. Beyond proof-of- compliance: Safety and availability analysis in trust management//Proceedings of the IEEE Symposium on Security and Privacy. Oakland, 2003:123-139
7Li N H, Tripunitara M V. Security analysis in role-based access control//Proceedings of the 9th ACM Symposium on Access Control Models and Technologies (SACMAT 2004). New York, 2004:126-135
8Munawer Q, Sandhu R. Simulation of the augmented typed access matrix model (ATAM) using roles//Proceedings of the International Conference on Information and Security. Shanghai, China, 1999
9Sasturkar A, Yang Ping, Stoller S D et al. Policy analysis for administrative role based access control//Proceedings of the 19th IEEE Workshop on Computer Security Foundations. Venice, Italy, 2006: 183-196
10Lifschitz E. On the semantics of STRIPS//Proceedings of the Reasoning about Actions and Plans. Timberline, Oregon, 1987:1-9

共引文献40

1梁柱森,梁伟坚,韦云毅.基于ThinkPHP框架的创业培训管理系统的设计与实现[J].微型机与应用,2013,32(23):7-9. 被引量：2
2谢卫星,谭邦,夏石莹.基于属性与约束的用户角色自动指派[J].南华大学学报（自然科学版）,2006,20(4):85-88.
3陈明忠.基于角色访问控制模型的应用研究[J].电脑与电信,2007(5):11-13.
4许为华.电信网管中通用安全管理模型的设计与实现[J].计算机时代,2007(6):22-24.
5陈明忠.基于角色访问控制模型的应用研究[J].天津工程师范学院学报,2007,17(2):35-37. 被引量：3
6许爱军,张文金,易丹.基于虚拟现实技术的远程教育平台研究与实现[J].计算机系统应用,2007,16(8):23-26. 被引量：13
7刘志远,杨秋伟,崔国华,洪帆.一种基于标识的隐私资源保护方案[J].计算机应用,2008,28(2):418-421. 被引量：2
8杨萍,李杰,胡芳.基于资源的RBAC模型的研究与分析[J].计算机测量与控制,2008,16(2):231-232. 被引量：6
9林炼,黎忠文.分散式角色激活管理中的角色查找[J].福建电脑,2008,24(4):9-10.
10杨莉.基于分布式网络的电子文档安全管理系统的应用研究[J].电脑与电信,2008(1):39-41. 被引量：1

1谭良,周明天.Implementing Discretionary Access Control with Time Character in Linux and Performance Analysis[J].Journal of Electronic Science and Technology of China,2006,4(3):274-280. 被引量：1
2谭继红.办公自动化系统安全模型研究[J].计算机工程与应用,2005,41(20):202-205. 被引量：2
3力旺电子Logi CNVM IP锁定相机模块应用[J].中国集成电路,2015,24(8):14-14.
4梁云娟.用ASP开发基于WEB的网络考试系统[J].河南职业技术师范学院学报,2004,32(4):58-59.
5王文辉.基于JavaScript的网页子窗口的创建[J].今日科苑,2010(24):60-60.
6凌诗佳,蓝伴儒.浅析HTML与CSS的功能、区别与联系[J].信息系统工程,2011(8):123-124. 被引量：2
7齐巨慧.基于数据挖掘的网络信息安全策略研究[J].电脑编程技巧与维护,2014(14):114-115. 被引量：3
8Vladimir Chudanov Anna Aksenova Valerii Pervichko.CFD Based Numerical Modules for Safety Analysis at NPPs Validation and Verification[J].材料科学与工程（中英文B版）,2011,1(3):259-267.
9罗琰,张涛,张毓森.Linux环境下访问控制列表机制的设计与实现[J].解放军理工大学学报（自然科学版）,2004,5(3):24-27. 被引量：3
10张亚鹏.基于ASP.NET的电子商务系统用户权限设计与实现[J].计算机安全,2004(9):33-35. 被引量：12

Wuhan University Journal of Natural Sciences

2012年第6期

浏览历史

内容加载中请稍等...

A Logic-Based Safety Analysis Algorithm for Discretionary Access Control

参考文献16

二级参考文献24

共引文献40

相关作者

相关机构

相关主题

浏览历史