A Multi-level Secure Channel Model Based on Information Flow Control


Author: LI Hai-hua (李海华) (Information Engineering University, Zhengzhou 450002, China; Henan Industry and Trade Vocational College, Zhengzhou 450012, China)

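Affiliations: [1] PLA Strategic Support Force Information Engineering University, Zhengzhou, Henan 450002; [2] Henan Industry and Trade Vocational College, Zhengzhou, Henan 450012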

Source: Computer Technology and Development (《计算机技术与发展》), 2023, No. 3, pp. 85-92 (8 pages)

Funding: National Key Research and Development Program of China (2016YFB050190104).

Abstract: To address the shortcomings of two existing models, secure communication and multi-level secure access control, in providing hierarchical protection of network communication data, this paper clarifies the concepts of secure channel, entity, security object, system state, and secure system, and defines an operation set consisting of create, open, read, write, and close. It gives a set of secure channel operation rules made up of model security rules for secure channel operation, secure channel processing constraints, and security label adjustment. These rules ensure the reliability and security of channel operations, security label adjustment, and information flow control, and on this basis a network secure communication model based on security labels is constructed. The model's theorems are further proved, a model instance is presented, and the model's performance is compared with that of related models. The model is general and flexible, and achieves isolation protection and secure transmission of information flows of different classification levels in a multi-level network environment.

Keywords: information flow; secure channel; secure system; operation set; operation rules

Classification code: TP393.2 [Automation and Computer Technology: Computer Application Technology]

 
