检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]南京大学软件新技术国家重点实验室
出 处:《计算机应用》2007年第11期2699-2703,2706,共6页journal of Computer Applications
基 金:国家自然科学基金资助项目(60473093)
摘 要:传统的MLS策略侧重于信息机密性保护,却很少考虑完整性,也无法有效实施信道控制策略,在解决不同安全级别信息流动问题时采用的可信主体也存在安全隐患。为了在同一系统中满足多样性的安全需求,给出混合多策略模型——MPVSM模型,有机组合了BLP、Biba、DTE、RBAC等安全模型的属性和功能,消除了MLS模型的缺陷,提高了信道控制能力和权限分配的灵活度,对可信主体的权限也进行了有力的控制和约束。给出MPVSM模型的形式化描述以及在原型可信操作系统Nutos中的实现,并给出了策略配置实例。Increasing diversity and complexity of the computing environments result in various security requirements. MLS security policy only aims at confidentiality assurance, in less consideration of integrity assurance and weakness in channel control. To handle that the trusted subjects have many security shortcomings of MLS model, a multi-policy views security model (MPVSM) was presented. Based on the MLS model, MPVSM combined the domain and type attributes to the model, to enforce the channel control policy, make permission management more fine-grained and enhance the ability to confine the permission of the trusted subjects. MPVSM was also able to enforce multi-pollcy views in operating system in a flexible way. The implementation of the MPVSM model in our prototype trusted operating system Nutos was also introduced.
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.28