检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:彭飞[1] 张涛[1] 徐伟光[1] 赵敏[1] 秦恒加
机构地区:[1]解放军理工大学指挥信息系统学院,南京210007 [2]解放军理工大学通信工程学院,南京210007
出 处:《计算机工程与应用》2018年第2期114-118,148,共6页Computer Engineering and Applications
基 金:2013国家重大专项课题资助(No.2013ZX03006-003)
摘 要:随着操作系统安全问题增多,用户对于操作系统的安全需求不断涌现,但是目前能够将用户的安全需求转换成现有操作系统上可配置的安全策略的方法很少。通过建立安全属性和系统调用的匹配关系,将安全属性作为授权系统调用的约束,提出一种基于本体的面向目标的操作系统安全策略生成模型。该模型可支持以白名单形式描述的安全需求的细化,将安全分析者的经验加入到模型中,在推理机的支持下,帮助执行从用户安全需求到具体安全策略的推理,和安全策略一致性检测。具体应用案例说明了该方法的可行性。With the increase of operating system security problems, the user's security requirements toward operating system are increasing constantly, but at present there are few methods to translate user's security requirements into security policies of current security model. By establishing matching relationship between security attributes and system calls, the security attributes are used as the constraint of authorization in system. An ontology based goal oriented model for the security policy generation of operating system is proposed. The model can support the refinement of security requirements which are described in terms of the white-list, the experience of security analysts will be added to the model. And the translation between users' security requirements and specific security policies, and the consistency of security policy can be drawn via an OWL reasoner. The feasibility of the method is illustrated by a concrete study case.
分 类 号:TP391[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.117