主体完整性标记动态确定方案及其正确性证明  被引量:1

Dynamic Determination Scheme of Subject′s Integrity Level and its Correctness Proof

在线阅读下载全文

作  者:张明西[1,2] 韦俊银[1] 张相峰[3] 王以刚[1] 刘晖[1,2] 

机构地区:[1]东华大学计算机科学与技术学院,上海201620 [2]东华大学纺织面料技术教育部重点实验室,上海201620 [3]中国科学院软件研究所,北京100080

出  处:《小型微型计算机系统》2011年第4期656-661,共6页Journal of Chinese Computer Systems

基  金:国家自然科学基金项目(90718027)资助;高等学校纺织生物医用材料学科创新引智计划项目(B070204)资助

摘  要:B iba模型的严格完整性策略能够保证数据的完整性,但是其静态实施可能降低系统的兼容性.在B iba模型严格完整性策略基础上提出了主体完整性标记动态确定方案.将主体完整性等级扩展为独立的读写区间,根据主体读写历史调整主体可读写的区间,在保护系统完整性的同时提高了系统的兼容性.给出了形式化证明,说明该方案是安全的.指出了现行改进方案中存在的安全隐患及导致该隐患的原因,通过对比分析说明动态确定方案能够消除该安全隐患.Strict Integrity Policy (SIP) of Biba model can be used to maintain the integrity of data in computer systems, but it might deny some non-malicious access requirements and hence decreases the compatibility of applications. A dynamic determination scheme of subject's integrity level which based on the subject's history behavior is presented, which can increase the compatibility of the software while keeping system integrity as strictly as SIP can. And the proof of it is also given, which shows that the improved SIP is secure. The security risk of the existing improved SIP which is resolved in our scheme is indicated by an example after comparison and analysis, and the main reason which leads to this phenomenon is also demonstrated.

关 键 词:Bib模型 严格完整性策略 完整性 兼容性 

分 类 号:TP311[自动化与计算机技术—计算机软件与理论]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象