基于任务划分的防信息聚合泄密模型

针对BLP模型中存在的信息聚合泄密、可信主体权限过大以及模型完整性缺失的问题，结合文件分级保护的需求，提出了基于任务划分的防信息聚合泄密模型IALP。首先，探讨了信息聚合形成的原因及研究现状;然后，以任务划分为基础，对主体的信息可知度及客体所占信息权重进行量化，提出了相对可信主体的概念，给出了模型安全公理和状态转换规则。最后，经理论证明、应用举例和分析表明，该模型能够控制主体对具有聚合泄密关系的客体集合的可知程度，并在一定程度上限制可信主体权限以及增强完整性。

Information aggregation leakage proof model based on assignment partition

To solve the problems existing in BLP (Bell-LaPadula) model, such as information aggregation leakage, excessive privileges of trusted subject and the deficiency of integrity, with reference to the application requirement of hierarchical file protection, an information aggregation leakage proof model named IALP (Information Aggregation Leakage Proof) was proposed based on assignment partition. First of all, the cause of information aggregation leakage and the current research situation were discussed. Secondly, on the basis of assignments partition, the knowledgeable degree of subject and the information weight of object were quantized, and the relatively trusted subject was proposed. Security axioms and state transition rules were given. Finally, the theoretical proof, application examples and analysis indicate that IALP can control the knowable degree of the subject towards the object set with the aggregation leakage relation, and limits the privilege of trusted subject and enhances the integrity to some extent.