一种面向多级安全的文件系统实现机制  被引量:1

A File System Implementation Mechanism For Multilevel Security

在线阅读下载全文

作  者:杨琼[1] 王冬[1] 

机构地区:[1]中航工业西安航空计算技术研究所,陕西西安710068

出  处:《航空计算技术》2017年第3期94-97,共4页Aeronautical Computing Technique

基  金:装备预研联合基金项目资助(6141B05060401)

摘  要:分别从信息安全和系统安全角度对多级安全文件系统的实现进行了分析,提出了一种面向多级安全的文件系统实现机制,即基于多级安全的访问控制方法和分区数据的隔离保证措施。采用以分区为单位来隔离卷空间的外存管理方式,以高可靠文件系统的事务特征确保内外存数据的一致性,该机制不仅符合多级安全的分区隔离思想,实现了不同分区间数据的隔离,而且能够保证在意外情况下数据的一致性。为了验证提出的多级安全文件系统实现机制的可行性与正确性,在现有分区操作系统上对该文件系统进行了测试与验证。测试结果表明,多级安全文件系统实现机制不仅能够确保访问控制安全,还能确保多级安全的分区隔离特性,使得应用分区只能根据所配置的安全策略进行安全的文件操作。This paper presents a multi- level security file system implementation mechanism. The realiza- tion of muti- level security file system is analyzed from the point of view of information security and system security, and the access control method based on multi- level security and the isolation guarantee of part- tion data are put forward. The method of parttion management mode of the volume space, and the transac- tion characteristics of realiable file system are ensured to ensure the consistency of the internal and exter- nal data. The mechansism not only conforms to the multi- level security parttion isolation idea, but also a- chieves the data of different parttions isolation, and to ensure consistent data in case of accident. In order to verify the feasibility and correctness of the multi- level security file systemimplementation mechanism proposed in this paper, the file system is tested and verified on the existing partition operating system. The test results show that the multi- level security file system implementation mechanism proposed in this pa- per can not only ensure the security of access control, but also ensure the multi- level security partition i- solation feature, so that the application partition can not only carry on the safe file operation according to the configured security policy.

关 键 词:访问控制 文件系统 多级安全 安全策略 

分 类 号:TP309.2[自动化与计算机技术—计算机系统结构]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象