| 基于密码的访问控制研究* |
| |
| 引用本文: | 马康,陈松政.基于密码的访问控制研究*[J].计算机应用研究,2012,29(1):305-307. |
| |
| 作者姓名: | 马康 陈松政 |
| |
| 作者单位: | 国防科学技术大学计算机学院,长沙,410073 |
| |
| 基金项目: | “核高基”重大专项基金资助项目(2010ZX01036-001-001) |
| |
| 摘 要: | 针对现有访问控制策略和机制复杂的特点,结合标签机制和多级安全的策略,以强制访问控制为基础,提出了一种新的访问控制机制。该机制的思想是根据客体的访问密钥来最终决定主体对客体有何种访问权限。基于这种思想将访问控制策略和机制进行了设计,给出了一种在LSM(Linux安全模块)框架下基于密钥对文件进行访问的策略实现方法。该访问控制方法通过设置密钥给了用户一定的自主权,限制了高级用户的部分权限,实现了文件共享。
|
| 关 键 词: | 机密性 访问控制 共享密钥 Linux安全模块 多级安全 |
Research on cryptography based access control |
| |
| MA Kang,CHEN Song-zheng.Research on cryptography based access control[J].Application Research of Computers,2012,29(1):305-307. |
| |
| Authors: | MA Kang CHEN Song-zheng |
| |
| Affiliation: | (College of Computer, National University of Defense Technology, Changsha 410073, China) |
| |
| Abstract: | For solving the complexity and difficulty problems in configuration in access control mechanism,this paper introduced a MAC(mandatory access control)mechanism which combined label mechanism and multilevel security.CBAC described how a subject might accessed an object by the specific key.Based on this method,it gave a design for the new access control policy and mechanism,also the policy and realization for CBAC on LSM frame work.As a result,by setting keys,it limited the super-user’s ability,put appropriate rights to the normal users and achieved file sharing. |
| |
| Keywords: | confidentiality access control shared key Linux security model multilvel security |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
|
