|
|||||
|
|
| 基于TCB子集的应用安全框架研究 | |
| 引用本文: | 李勇,张松轶,王飞,董丽娜.基于TCB子集的应用安全框架研究[J].无线电通信技术,2010,36(4):48-51. |
| 作者姓名: | 李勇 张松轶 王飞 董丽娜 |
| 作者单位: | 1. 解放军信息工程大学电子技术学院,河南郑州,450004 2. 河北远东哈里斯通信有限公司,河北石家庄,050200 3. 解放军装备指挥技术学院,北京,101416 4. 解放军61313部队,北京,100075 |
| 基金项目: | 国家重点基础研究发展计划,项目 |
| 摘 要: | 提出了一种新的基于可信计算基(Trusted Computing Base,TCB)子集的应用安全框架。将TCB层次化分割为TCB子集,利用TCB子集之间的可信支撑关系在应用层和内核层分别建立访问监控器。内核层访问监控器和应用层访问监控器之间由安全管道联通,保证应用层访问控制机制不被篡改或旁路。分析了安全管道的特性和该安全框架下的访问控制流程,解决了应用层访问控制可靠性与有效性的矛盾。 |
| 关 键 词: | TCB子集 访问控制 安全管道 |
Research of Application Security Framework Based on TCB Subsets |
|
| LI Yong,ZHANG Song-yi,WANG Fei,DONG Li-na.Research of Application Security Framework Based on TCB Subsets[J].Radio Communications Technology,2010,36(4):48-51. | |
| Authors: | LI Yong ZHANG Song-yi WANG Fei DONG Li-na |
| Affiliation: | 1.The PLA Information Engineering University,Zhengzhou He'nan 450004,China;2.Hebei Far East Harris Communications Co.Ltd.,Shijiazhuang Hebei 050200,China;3.The PLA Institute of Equipment Command Technology,Beijing 101416,China;4.Unit 61313 of PLA,Beijing 100075) |
| Abstract: | A new application security framework based on TCB subsets is proposed.TCB is divided into TCB subsets,based on which two reference monitors are set in both the application layer and the system layer.The two reference monitors are connected by secure pipeline,which is proposed to protect the access control mechanism from being tampered or bypassed.This framework makes the access control mechanism both reliable and valid. |
| Keywords: | TCB subsets access control secure pipeline |
| 本文献已被 维普 万方数据 等数据库收录! | |
