Authors: ZHU Dali, YANG Ying[1,2], JIN Hao, SHAO Jing[1,2], FENG Weimiao
Affiliations: [1] University of Chinese Academy of Sciences, Beijing 100049, China; [2] Fourth Research Laboratory, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
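Source: Journal of Cyber Security (《信息安全学报》), 2017, Issue 4, pp. 13-26 (14 pages)
Funding: Supported by the Strategic Priority Research Program of the Chinese Academy of Sciences: Research on Key Technologies of Information Security for Key Industry Application Systems (No. XDA06010703)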
Abstract: As a classic model of confidentiality policy, the BLP model implements mandatory access control in information systems by classifying and labeling subjects and objects and by introducing a reference monitor of a high security level. With the spread of mobile smart terminals, Web operating systems, with their advantages of mobility, portability, high scalability and cross-platform support, have become one of the main solutions for mobile e-government systems and are attracting more and more attention from researchers. However, existing Web operating systems place low requirements on confidentiality and have an ambiguous design of system security access control policy, so they cannot meet the security and secrecy needs of mobile e-government systems. Starting from the construction of a security model, this paper builds an abstract model of the Web operating system of smart terminals and redefines the model elements, mapping functions and access control policy of the BLP model, strengthening access control over both subjects and objects to improve confidentiality. Because the BLP model lacks the principle of least privilege for trusted subjects and lacks integrity constraints, the improved BLP model re-partitions the security levels of subjects and objects, adds a trust level tag and a role mapping function, and maps the model onto existing Web operating systems. This implements the principle of least privilege, integrity constraints on subjects, and an isolation mechanism between domains, which can effectively raise the confidentiality level of Web operating systems.
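Keywords: Web operating system; BLP model; mobile terminal; operating system security; principle of least privilege; integrity; isolation
Classification code: TP309.1 [Automation and Computer Technology: Computer System Architecture]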