基于任务划分的防信息聚合泄密模型  

Information aggregation leakage proof model based on assignment partition

在线阅读下载全文

作  者:解文冲[1,2] 杨英杰[1,2] 汪永伟[1,2] 代向东[1,2] 

机构地区:[1]信息工程大学,郑州450004 [2]河南省信息安全重点实验室(信息工程大学),郑州450004

出  处:《计算机应用》2013年第2期408-411,416,共5页journal of Computer Applications

基  金:国家973计划项目(2011CB311801)

摘  要:针对BLP模型中存在的信息聚合泄密、可信主体权限过大以及模型完整性缺失的问题,结合文件分级保护的需求,提出了基于任务划分的防信息聚合泄密模型IALP。首先,探讨了信息聚合形成的原因及研究现状;然后,以任务划分为基础,对主体的信息可知度及客体所占信息权重进行量化,提出了相对可信主体的概念,给出了模型安全公理和状态转换规则。最后,经理论证明、应用举例和分析表明,该模型能够控制主体对具有聚合泄密关系的客体集合的可知程度,并在一定程度上限制可信主体权限以及增强完整性。To solve the problems existing in BLP (Bell-LaPadula) model, such as information aggregation leakage, excessive privileges of trusted subject and the deficiency of integrity, with reference to the application requirement of hierarchical file protection, an information aggregation leakage proof model named IALP ( Information Aggregation Leakage Proof) was proposed based on assignment partition. First of all, the cause of information aggregation leakage and the current research situation were discussed. Secondly, on the basis of assignments partition, the knowledgeable degree of subject and the information weight of object were quantized, and the relatively trusted subject was proposed. Security axioms and state transition rules were given. Finally, the theoretical proof, application examples and analysis indicate that IALP can control the knowable degree of the subject towards the object set with the aggregation leakage relation, and limits the privilege of trusted subject and enhances the integrity to some extent.

关 键 词:文件分级保护 Bell—LaPadula(BLP)模型 信息聚合 可信主体 完整性 

分 类 号:TP309.2[自动化与计算机技术—计算机系统结构]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象