| 基于用户意愿的改进BLP模型IB_BLP |
| |
| 引用本文: | 曹四化,何鸿君.基于用户意愿的改进BLP模型IB_BLP[J].计算机工程,2006,32(23):171-173. |
| |
| 作者姓名: | 曹四化 何鸿君 |
| |
| 作者单位: | 1. 国防科技大学计算机科学学院,长沙,410073
2. 国防科技大学计算机科学学院,长沙,410073;现代通信国家重点实验室,成都,610041 |
| |
| 摘 要: | 在基于BLP模型的安全系统设计与实现中,其主体的安全标记与访问权限分别继承自登录用户的安全标记与访问权限,使得主体的资源访问能力过大,破坏了最小权限原则,使恶意进程能够进行大范围的信息窃取与破坏。针对上述问题,该文提出了一种基于用户意愿的改进BLP模型IB_BLP模型,要求主体对于具有访问授权要求的客体的访问,必须遵循用户的操作意愿,使主体的权限最小化。
|
| 关 键 词: | 信息安全 BLP模型 用户意愿 |
| 文章编号: | 1000-3428(2006)23-0171-03 |
| 收稿时间: | 03 28 2006 12:00AM |
| 修稿时间: | 2006-03-28 |
Improved BLP Model Based on User Intension |
| |
| CAO Sihua,HE Hongjun.Improved BLP Model Based on User Intension[J].Computer Engineering,2006,32(23):171-173. |
| |
| Authors: | CAO Sihua HE Hongjun |
| |
| Affiliation: | 1. School of Computer Science, National University of Defense Technology, Changsha 410073;2. National Key Laboratory for Modern Communications, Chengdu 610041 |
| |
| Abstract: | In the design and implementation of the current security systems based on BLP model, subject’s security label and access right inherit from the user’s. This may enlarge the access ability which violates the least privilege theorem and give the malious subject the chance to gain higher security label and more rights to steal and damage information. To solve this problem, the paper presents an improved BLP model based on user’s intention——IB_BLP model. In the new model, subject needs to get user’s intention to meet the least privilege theorem while accessing object. |
| |
| Keywords: | Information security BLP model User intention |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
