| 改进的多级安全模型的设计与实现 |
| |
| 引用本文: | 胡明,潘雪增,李文.改进的多级安全模型的设计与实现[J].计算机工程与应用,2011,47(4):77-80. |
| |
| 作者姓名: | 胡明 潘雪增 李文 |
| |
| 作者单位: | 浙江大学,计算机科学与技术学院,杭州,310027 |
| |
| 基金项目: | 国家支撑计划(No.2008BAH21B03); 浙江省科技计划(No.2007C11088); 浙江省重大专项(No.2007C11068) |
| |
| 摘 要: | 在分析BLP模型和RBAC模型及其相关衍生模型的基础上,提出一种改进的模型。改进模型主要有4个重要特点:(1)实施完整性控制,保证信息流上写安全性;(2)限定可信主体,赋予其余主体有限特权;(3)实施RBAC模型,分配角色和权限;(4)引入审计机制,提供策略监控。实验结果表明,改进后的模型在完善安全性的同时提高了实用性。
|
| 关 键 词: | 完整性控制 可信主体 基于角色的访问控制(RBAC)模型 审计机制 |
| 收稿时间: | 2010-5-31 |
| 修稿时间: | 2010-8-11
|
Design and implementation of improved multiple-level security model |
| |
| HU Ming,PAN Xuezeng,LI Wen.Design and implementation of improved multiple-level security model[J].Computer Engineering and Applications,2011,47(4):77-80. |
| |
| Authors: | HU Ming PAN Xuezeng LI Wen |
| |
| Affiliation: | HU Ming,PAN Xuezeng,LI Wen Department of Computer Science and Technology,Zhejiang University,Hangzhou 310027,China |
| |
| Abstract: | On the basis of the BLP model and RBAC model,a new improved multiple-level model is presented.The improved model has four important features:(1)carry out the control of integrity;(2)constrain the trusted subject and limit the right of other subjects;(3)realize RBAC model to assign the role and the permission;(4)fulfill the audit mechanism rules to monitor the security policy.Experimental results show that the improved model increases security and the usability. |
| |
| Keywords: | control of integrity trusted subject Role-Based Access Contro(lRBAC)model audit mechanism |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程与应用》浏览原始摘要信息 |
|
点击此处可从《计算机工程与应用》下载全文 |
