检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]国防科学技术大学计算机学院,长沙410073
出 处:《中国电子商情(通信市场)》2012年第1期111-119,共9页
摘 要:针对Biba模型对主体和客体的完整级限制过于严格,兼容性和可用性低,以及为解决可用性而引入的可信主体访问权限和访问范围过大的问题,提出一种混合Biba和TE策略的强制完整性控制模型。该模型的完整性控制由Biba严格完整性策略实施,主体的权限通过TE策略所实现的访问隔离思想、最小权限原则和域转换能力进行控制,在提高Biba模型兼容性和可用性的同时,实现主体权限和访问范围的细粒度控制。The Biba model was over-strict in the limit of subject and object integrity level and had low compatibility and usability. The trusted subject introduced into the model had increased its usability but it was usually over authorized and much more vulnerable. In the paper, a mandatory integrity control model was proposed, which mixed Biba with TE(Type Enforcement) policy. In this model, integrity access control is carried out by Biba Strict Integrity Policy, and the subject's privilege is controlled by access isolation, least privilege and domain control which is achieved through TE. While improving the compatibility and usability of Biba, it also achieves a fine-grained access control in access permissions and access ranges.
关 键 词:完整性策略 强制完整性控制 BIBA模型 TE策略
分 类 号:TP311.13[自动化与计算机技术—计算机软件与理论]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:3.142.135.246