检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
出 处:《计算机学报》2004年第5期619-624,共6页Chinese Journal of Computers
基 金:国家"九七三"重点基础研究发展规划项目基金 (G19990 3 5 80 1)资助
摘 要:安全模型是用形式化的方法来描述如何满足系统的安全要求 .经典的安全模型都只能要么满足系统的保密性要求 (如BLP模型 ) ,要么满足完整性的要求 (如Biba模型 ) .该文提出了一个多级安全策略的二维标识模型 ,在对可信主体必须遵守最小特权原则的前提下 ,利用保密性标识和可信度标识共同构成主客体的访问标识 ,并利用两个约束条件 ,使得既能防止越权泄露信息 ,又能控制信息的非授权修改 ,从而同时保证了系统的保密性和完整性 .Security model is the foundation for meeting the security needs of information systems. Classical security models can only meet either confidentiality or integrity. None of model could resolve both of security requirements simultaneously. This paper presents a planar attributes model based on multi level security policy. In the model, the trusted subjects must accord with the least privilege principle. The concepts of confidence level and trusted level as labels of subjects and objects for constraining subjects accessing to objects are briefly described. This paper details a formal description and verification on the model which provides both the confidentiality and integrity for the system. It also explain the model in informal language briefly to help understand. Lastly, some open issues about model implementation are discussed, and the future direction of the model is pointed out. This model will be beneficial to be successful applied to constructing security systems in practices.
关 键 词:多级安全策略 二维标识模型 安全模型 最小特权 系统保密性 完整性
分 类 号:TP309[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:3.141.28.197