| 一种基于用户意愿的数据保护模型 |
| |
| 引用本文: | 曹四化,何鸿君,罗莉,冯涛.一种基于用户意愿的数据保护模型[J].武汉大学学报(理学版),2006,52(5):574-577. |
| |
| 作者姓名: | 曹四化 何鸿君 罗莉 冯涛 |
| |
| 作者单位: | 1. 国防科学技术大学,计算机学院,湖南,长沙,410073
2. 现代通信国家重点实验室,四川,成都,610041 |
| |
| 摘 要: | 基于最小特权原理,从分析进程的访问权限出发,提出了一种防御恶意程序攻击的数据保护模型.该模型对DAC访问控制机制进行了增强,当进程实际访问用户数据时,进程必须先获得操作用户的意愿,用户根据进程的任务赋予进程访问系统最小必需数据集的权限,使进程无法访问任务之外的数据集,防止进程因权限过大破坏用户数据.测试结果表明,该模型可以有效地阻止进程的非法访问而确保数据不被窃取或破坏.
|
| 关 键 词: | 信息安全 数据保护 用户意愿 |
| 文章编号: | 1671-8836(2006)05-0574-04 |
| 修稿时间: | 2006年4月20日 |
A Data Protection Model Based on User's Intention |
| |
| CAO Sihua,HE Hongjun,LUO Li,FENG Tao.A Data Protection Model Based on User''''s Intention[J].JOurnal of Wuhan University:Natural Science Edition,2006,52(5):574-577. |
| |
| Authors: | CAO Sihua HE Hongjun LUO Li FENG Tao |
| |
| Abstract: | After analyzing the access rights of the processes,this paper presents a data-protection model which will prevent the attack of the malicious processes on the base of minimal privilege principle.This model has reinforced the DAC access control mechanism.When process accesses user's data,the process has to gain the user's intention.Based on the task of the process,the user will endow the process minimal rights to access the related data,which will prevent the process from accessing data that are not concerned with the task.Thus it will prevent process destroy user's data because of overusing access rights.The test result shows that this model can effectively stop the unauthorized access and protect data from destructing or stealing. |
| |
| Keywords: | information security data protection intention of user |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
