摘要
将涉密信息放入共享的数据库中保存必须解决其安全问题,访问控制是一种基本方法。文中首先分析了自主访问控制、强制访问控制、基于角色的访问控制这三种经典的访问控制模型,然后分析了涉密信息本身的特点及其操作管理的需求,并考虑了数据库应用程序中的主体、客体等因素,最后提出并设计了一个综合利用这些策略管理涉密信息的实现方案。该方案设计了几个数据库表,分别保存实现这三种访问控制模型所需的信息和各种类型的涉密信息,给出了这些信息之间的相互关系,划分了程序模块及其实现方案。该方案符合理论要求,切实可行。
Classified information to be included in the shared database must solve the security problem,access control is a kind of basic method. First,analyze the three classical access control models which are discretionary access control,mandatory access control and rolebased access control,then analyze the characteristics of secret information and the requirements of operational management,considering the subject,object and other factors in a database application. Finally,propose and design a realizing scheme which comprehensively uses these strategies to manage classified information in database applications. The scheme designs several database table which to save the information needed and various types of classified information to achieve these three access control model. The relationship between the information is presented,dividing the program module and its implementation scheme. The scheme is practicable.
出处
《计算机技术与发展》
2014年第8期131-134,共4页
Computer Technology and Development
基金
军队预研项目(2008yy02001)
关键词
访问控制
数据库应用程序
信息安全
access control
database applications program
information security
