期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种增强自主访问控制安全性的方案 被引量:1

A Safety Strengthening Scheme for Discretionary Access Control System
下载PDF
导出
摘要 提出的自主访问控制系统的安全增强方案在修改客体的访问控制属性时,操作系统和被授权主体对修改进行评估和监控。采用数字双签名方案对授权主体和被授权主体进行身份鉴别,在不破坏自主访问控制的自主性的前提下,使访问控制属性的修改在安全、明确、受控的状态下进行,从而消除恶意程序对系统的攻击基础和环境,使采用DAC工作机制的操作系统的安全性得到增强。 This paper represents a safety strengthening scheme for DAC (Discretionary Access Control) system,in which the system operation and an authorized subject evaluate and monitor the modification of object' access control table. The digital dual signature is applied in order to authenticate a subject and an authorized subject' identity. On the premise of the discretionary characteristic not being spoiled, the modification of the access control property is completed in a state of safety, explicitness, and being controlled. The scheme eliminates the attacking potentiality of malicious programs so that the safety of OS which adopts DAC scheme is strengthened.
作者 陈兴蜀 李旭伟 沈昌祥 朱宏 冯伟森
机构地区 四川大学计算机学院 海军计算研究所
出处 《四川大学学报(工程科学版)》 EI CAS CSCD 2003年第4期82-85,共4页 Journal of Sichuan University (Engineering Science Edition)
基金 973项目资助项目(035801) 863项目资助项目(2002AA144020).
关键词 自主访问控制 强制访问控制 双签名 特洛伊木马 discretionary access control mandatory access control dual signature Trojan horse
分类号 TP309.2 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献1

二级参考文献1

  • 1GB 17859 1999 中华人民共和国国家标准 计算机信息系统安全保护等级划分准则,1999年

共引文献10

同被引文献13

  • 1徐震,李斓,冯登国.基于角色的受限委托模型[J].软件学报,2005,16(5):970-978. 被引量:52
  • 2Bertino E. , Bettini C. , Ferrari E. , Samarati P.. A temporal access control mechanism for database systems. IEEE Transactions on Knowledge and Data Engineering, 1996, 8(1) : 67-80
  • 3Bertino E. , Bettini C. , Ferrari E. , Samarati P.. An access control model supporting periodicity constraints and temporal reasoning. ACM Transactions on Database Systems, 1998, 23(3) : 213-285
  • 4Zhang L. , Ahn G. J. , Chu B. T.. A rule-based framework for role-based delegation. In: Proceedings of the 6th ACM symposium on Access Control Models and Technologies, Virginia,USA, 2001, 153-162
  • 5Jajodia S. , Samarati P. , Subrahmanian V. S. , Bertino E..Flexible support for multiple access control policies. ACM Transactions on Database Systems, 2001, 26(2): 214-260
  • 6Gal A. , Atluri V.. An authorization model for temporal data.In: Proceedings of the 7th ACM Conference on Computer and Communieations Seeurity, Athens, Oreeee, 2000, 144-153
  • 7Damianou N.. A policy framework for management of distributed systems[Ph. D. dissertation]. University of London, London, 2002
  • 8Solworth J. A. , Sloan R. H.. A layered design of discretionary access controls with decidable safety properties. In: Proceedings of the 25th IEEE Symposium on Security and Privacy,Berkeley, California, 2004, 56 - 67
  • 9Li Ning-Hui, Tripunitara M. V.. On safety in discretionary access control. In: Proceedings of the 26th IEEE Symposium on Security and Privacy, Oakland, California, 2005, 96-109
  • 10Zhang L. , Ahn G. J. , Chu B. T.. A rule-based framework for role-based delegation and revocation. ACM Transactions on Information and System Security, 2003, 6(3): 404-441

引证文献1

二级引证文献20

四川大学学报(工程科学版)
2003年 第4期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部