检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
机构地区:[1]浙江大学计算机学院,杭州310027 [2]浙江工业大学计算机学院,杭州310023 [3]北京工业大学计算机学院,北京100124
出 处:《北京工业大学学报》2013年第3期402-406,共5页Journal of Beijing University of Technology
基 金:国家科技重大专项基金资助项目(2010ZX01037-001-001);国家软科学研究计划资助项目(2010GXQ5D317);浙江省重点科技创新团队基金资助项目(2009R50009)
摘 要:为了扩展BLP模型融入完整性,并解决BLP与Biba模型典型融合中的高保密完整性资源与低保密完整性资源互访困难问题,从数学背景乘积格角度分析BLP模型,构造了BLP-I扩展模型.BLP-I模型中标签的第2维分量改为可信级别,通过突出保密性中读操作和完整性中写操作的地位,区分主体和已读信息的可信级,协调了在生命周期内BLP模型的静态特性和Biba模型的动态特性.BLP-I模型以低保密完整性下级可向高保密完整性上级直接汇报,而上级主体可下调自身安全级间接向下级发指令的方式部分解决了互访困难问题.Mutual access dilemma between double-high level and double-low level resources in security and integrity was usually appeared during BLP model expansion with Biba. BLP model expansion with integrity which could resolve this dilemma was represented. An expansion model named BLP-I model was constructed in the view of product lattice analysis since lattice was BLP's mathematical background. The second dimension of label in BLP-I was substituted to indicate trust level. Read operation in security attribute and write operation in integrity were highlighted. The trust level of subject and messages had been read were distinguished. So the tranquility in BLP and dynamics in Biba during a lifecycle were coordinated in BLP-I. At last, dilemma was partially solved in BLP-I by permitting low security and integrity level direct report to double-high level while permitting double-high level lowered its own security level to issue to its underling.
分 类 号:TP303[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.222
