多级安全OS与DBMS模型的信息流及其一致性分析  被引量：5

作　　者：李斓[1] 冯登国[2] 徐震[2] 

机构地区：[1]上海交通大学信息安全工程学院 [2]中国科学院软件研究所信息安全国家重点实验室,北京100080

出　　处：《计算机学报》2005年第7期1123-1129,共7页Chinese Journal of Computers

基　　金：国家"九七三"重点基础研究发展规划项目基金(G1999035802);国家自然科学基金(60025205;60273027);国家"八六三"高技术研究发展计划项目基金(2002AA141080)资助.~~

摘　　要：数据库安全与操作系统安全密不可分,如果多级安全DBMS的安全策略不违反OS的安全策略,那么可以使用多级安全OS的安全机制来实现DBMS的部分安全功能,如强制访问控制.信息流分析使我们能更好地理解安全策略的意义和内容.该文给出了多级安全OS模型和以该模型为基础的多级安全DBMS模型,首次详细分析了它们在强制访问控制策略下的信息流集合.经过主客体的映射后,证明了数据库与操作系统的信息流集合是一致的,这个结论保证了利用OS的机制来实现DBMS的强制访问控制的合理性.The security of database system (DBMS) is closely related to security of operation system (OS). Multilevel security DBMS can implement its security functions, such as mandatory access control (MAC), using the mechanisms of multilevel security OS only when the security policy of DBMS not violate the security policy of OS. Information flow analysis is beneficial to understanding the meaning and content of the security policies. The theory of information flow analysis is introduced at first. Before discussing the information flows, the multilevel security OS model and multilevel security DBMS model are presented. Then the information flows allowed in multilevel security OS and multilevel security DBMS are analyzed for the first time. The methods of analysis in OS and DBMS are similar: After concluding the objects that contain information, all the information flows among those objects are discussed according to the operations in the OS and DBMS. Because any object of DBMS can be mapped to one or a group of objects in OS, the category set of DBMS is a subset of the category set of OS. Finally the set of DBMS's information flows is proved consistent with the one of OS's information flows based on the definition of the consistence between two information flow sets. The conclusion guarantees the soundness of implementing mandatory access control of multilevel security DBMS using the mechanisms of multilevel security OS.

关 键 词：信息流 多级安全数据库 多级安全操作系统 一致性 多级关系模型 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]