基于BLP模型的XML访问控制

XMLAccess Control Based on BLP Model

在高安全领域,XML文档中可能包含不同程度的敏感信息。为了确保高敏感信息的完整性、安全性和可用性,XML文档存放的信息需要受到强制访问控制策略的保护。文章采用BLP强制访问控制模型,在XML文档中扩展了安全标签信息,并给出了扩展后的文档模型需要满足的规则;讨论了模型的体系结构和实现机制,并通过实验对XML文档上的四种基本操作的安全性进行了验证。

In the field ofhigh security, XMLdocuments maycontain sensitive information ofvarying degrees, in order to ensure the completion ofhighly sensitive information, security and availability of information stored in an XML document needs to be protection of mandatory access control policy. This paper adopts BLP mandatory access control model, extends the security label information in the XML document, and gives the rules that the extended document model s need to satisfy. Discusses the architecture of the model and the implementation mechanism, and verified by the safety experiment of 4basic operations on XMLdocuments.