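Authors: Zhao Yong (赵勇)[1], Liu Jiqiang (刘吉强)[1], Han Zhen (韩臻)[1], Shen Changxiang (沈昌祥)[1,2]
Affiliations: [1] School of Computer Information and Technology, Beijing Jiaotong University; [2] Naval Institute of Computing Technology, Beijing 100841
Source: Journal of Computer Research and Development (《计算机研究与发展》), 2007, No. 5, pp. 761-767, 7 pages
Funding: National "973" Key Basic Research Development Program of China (2007CB307101; TG1999035801)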
Abstract: Every terminal on an enterprise intranet holds some sensitive information that must not be leaked outside the enterprise application environment. So far, however, there is no reasonable solution that protects the confidentiality of this information without reducing the availability of the system. In view of this, an intranet security model that defends against information leakage, based on crypt-isolation, is proposed. The model uses access control and cryptographic means to control user behavior, so that sensitive information cannot be leaked, intentionally or unintentionally. In addition, to achieve crypt-isolation, a key management scheme is proposed which, combined with existing symmetric encryption algorithms, realizes for the first time the function of "one person encrypts, specified multiple people decrypt", and has a certain value.

Confidentiality is one of the goals of information security: to prevent information from being accessed by unauthorized entities during its storage and distribution. For reasons of confidentiality, enterprise network terminals are not allowed to leak sensitive information outside the enterprise application environment. In reality, this information can be leaked in the following ways: 1) on a floppy disk, USB disk and so on; 2) by being printed and then taken away; and 3) through all kinds of network devices. Unfortunately, there is no reasonable solution that maintains the availability of the system while protecting the confidentiality of sensitive information. In view of this reality, an intranet information disclosure defendable security model based on crypt-isolation is proposed, in which each process's behavior is monitored and its security level is adjusted dynamically. When a high-level process wants to write information to a medium that is liable to leak the information outside, the system encrypts the information automatically. As a result, the user's behavior is controlled, and no sensitive information can be leaked, intentionally or unintentionally. Furthermore, in order to achieve crypt-isolation, a new key management solution is presented. Combined with existing symmetric encryption algorithms, this key management solution provides a "one person encryption and specified people decryption" capability, which is valuable.
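Keywords: information leakage; crypt-isolation; access control; virtual classified network; process control
Classification: TP309.2 [Automation and Computer Technology: Computer System Architecture]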