期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

环境适应的通用多安全政策支持框架研究 被引量:1

A Study of Generalized Environment-Adaptable Multi-Policies Supporting Framework
下载PDF
导出
摘要 在当今复杂多变的安全环境中 ,信息系统需要实施灵活完善的安全政策 在开发RFSOS安全操作系统和研究FLASK ,DTOS安全体系结构的基础上 ,提出能适应环境变化的多安全政策支持框架———Guards,在RFSOS中实现原型 ,并且依据 Nowadays, flexible and adaptive policies must be enforced into automated information systems (AIS) to cope with the complex and capricious security environment Based on the development of RFSOS security OS and study of FLASK and DTOS, a multi policies supporting framework-Guards which is adaptive to the changeful security environment, is put forward and compared with FLASK according to the nine criteria The prototype has been implemented in RFSOS
作者 单智勇 孙玉芳
机构地区 中国科学院软件研究所
出处 《计算机研究与发展》 EI CSCD 北大核心 2003年第2期235-244,共10页 Journal of Computer Research and Development
基金 国家自然科学基金 (60 0 73 0 2 2 ) 国家"八六三"高技术研究发展计划基金 (863 3 0 6 ZD12 14 2 ) 中国科学院知识创新工程基金(KGCX 1 0 9)
关键词 环境适应 通用多安全政策支持框架 信息安全 信息系统 多安全政策 安全操作系统 multi policies FLASK generalized framework for access control security OS
分类号 TP309 [自动化与计算机技术—计算机系统结构] TP316 [自动化与计算机技术—计算机软件与理论]
  • 相关文献

参考文献17

  • 1M Abrams, L LaPadula, K Eggers et al. A generalized framework for access control: An informal description. The 13th National Computer Security Conf, 1990
  • 2Defense Information Systems Agency. Technical Architecture Framework for Information Management, Vol 6: Department of Defense Goal Security Architecture, 1996
  • 3Secure Computing Corporation. DTOS lessons learned report. Secure Computing Corporation, Tech Rep: DTOS CDRL A008, 1997
  • 4Secure Computing Corp. Assurance in the fluke microkernel: Final report. CDRL A003. Tech Rep: MN 55113, 1999
  • 5Ray Spencer, Stephen Smalley, Peter Loscocco et al. The flask security architecture: System support for diverse security policies. University of Utah, Tech Rep: UUCS-98-014, 1998
  • 6N H Minsky, V Ungureanu. Unified support for heterogeneous security policies in distributed systems. The 7th USENIX Security Symposium, San Antonio, Texas, 1998
  • 7E Bertino, S Jajodia, P Samarati. Supporting multiple access control policies in database systems. IEEE Symposium on Security and Privacy, Oakland, 1996
  • 8C Bidan, V Issarny. A configuration-based environment for dealing with multiple security policies in open distributed systems. The 2nd European Research Seminar on Advances in Distributed Systems, Zinal, Switzerland, 1997
  • 9S Jajodia, P Samarati, V Subrahmanian et al. A unified framework for enforcing multiple access control policies. The SIGMOD'97, Tucson, AZ, 1997
  • 10Peter Loscocco, Stephen Smalley. Integrating flexible support for security policies into the Linux operating system. NSA and NAI Labs, Tech Rep, 2001

二级参考文献36

  • 1[1]M D Abrams. Renewed understanding of access control policies. The 16th National Computer Security Conf, 1993
  • 2[2]DTOS generalized security policy specification. Secure Computing Corporation. Tech Rep: DTOS CDRL A019, 1995
  • 3[3]P Loscocco et al. The inevitability of failure: The flawed assumption of security in modern computing environments. The 21st National Information Systems Security Conf, Crystal City, Virginia, 1998
  • 4[4]DARPA/ISO. Research challenges in operating system security. 1997. http:∥www.ito.arpa.mil/Proceedings/OS Security/challenges/challenges long.html
  • 5[5]Feustel, Mayfield. The DGSA: Unmet information security challenges for operating system designers. Operating Systems Review, 1998, 32(1): 3~22
  • 6[6]R Spencer, S Smalley, P Loscocco et al. The flask security architecture: System support for diverse security policies. The 1999 USENIX Security Symposium, Denver, CO, 1999
  • 7[7]Information technology-security techniques-evaluation criteria for IT security. ISO/IEC 15408, International Standards Organization, 1999. http:∥csrc.nist.gov/cc
  • 8[8]E I Organick. The MULTICS System: An Examination of Its Structure. Cambridge, Massachusetts and London, England: MIT Press, 1972
  • 9[9]D Redell, R Fabry. Selective revocation of capabilities. The Inernational Workshop on Protection in Operating Systems, 1974
  • 10[10]L Gong. A secure identity-based capability system. The 1989 IEEE Symp on Security and Privacy, Dakland, California, 1989

共引文献27

同被引文献10

  • 1单智勇,孙玉芳.带二级缓冲机制的通用访问控制框架研究及实现[J].计算机学报,2004,27(11):1576-1584. 被引量:3
  • 2Abrams M,LaPadula L,Eggers K,et al.A Generalized Framework for Access Control:An Informal Description[C]//Proceedings of the 13th National Computer Security Conference.1990:134-143.
  • 3Secure Computing Corporation.DTOS Lessons Learned Report[R].Secure Computing Corporation,Secure Computing Corporation,Technical Report:DTOS CDRL A008,1997.
  • 4Spencer R,Smalley S,Loscocco P,et al.The Flask Security Architecture:System Support for Diverse Security Policies[R].Univ.of Utah.,Technical Report:UUCS-98-014,1998-08.
  • 5Minsky N H,Ungureanu V.Unified Support for Heterogeneous Security Policies in Distributed Systems[C]//Proc.of the 7th USENIX Security Symposium.1998-01.
  • 6Jajodia S,Samarati P,Subrahmanian V,et al.A Unified Framework for Enforcing Multiple Access Control Policies[C]//Proc.of SIGMOD'97.1997:474-485.
  • 7Loscocco P,Smalley S.Integrating Flexible Support for Security Policies into the Linux Operating System[R].NSA and NAI Labs,2001.
  • 8Galiasso P,Bremer O,Hale J,et al.Policy Mediation for Multi-enterprise Environments[C]//Proc.of ACSAC.2000:100-106.
  • 9Osborn S,Sandhu R,Munawer Q.Configuring Role-based Access Control to Enforce Mandatory and Discretionary Access Control Policies[J].ACM Transactions on Information and System Security,2000,3(2):85-106.
  • 10单智勇,孙玉芳.一个应用于操作系统的RBAC模型及其实施[J].计算机研究与发展,2004,41(2):287-298. 被引量:11

引证文献1

计算机研究与发展
2003年 第2期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部