微信服务号

微信订阅号

2025年4月6日 12:42 星期日
首页 > 过刊浏览>2007年第18卷第3期 >730-738
PDF HTML阅读 XML下载 导出引用 引用提醒
一个支持可信主体特权最小化的多级安全模型
作者:
基金项目:

Supported by the National Natural Science Foundation of China under Grant No.60373054(国家自然科学基金);the National High-Tech Research and Development Plan of China under Grant No.2002AA141080(国家高技术研究发展计划(863))


A Multi-Level Security Model with Least Privilege Support for Trusted Subject
Author:
  • 摘要
    • | |
  • 访问统计
    • |
  • 参考文献 [12]
    • |
  • 相似文献 [20]
    • |
  • 引证文献
    • | |
  • 文章评论
    摘要:

    对已有多级安全模型的可信主体支持进行回顾和分析,提出了DLS(离散标记序列)多级安全模型.该模型将可信主体的生命周期分解为一系列非可信状态,对每一个状态赋予一个敏感标记.可信主体的当前敏感标记等于当前非可信状态的敏感标记,非可信状态的切换由预定义的可信请求事件触发.从而可信主体的当前敏感标记可以根据其应用逻辑而动态调整.同时给出了模型保持系统安全性的安全状态和规则.与Bell模型等可信主体敏感标记范围模型相比,该模型在多级安全的策略范围内实现了可信主体的特权最小化.

    Abstract:

    The trusted subject supports of the existing multi-level security models are reviewed and a new model called DLS (discrete label sequence) is proposed. It decomposes the lifecycle of a trusted subject into a sequence of untrusted states (US). Each untrusted state is associated with a certain current security label, and only the predefined trusted request events (TRE) can trigger the transition from one US to the other. Thus, the current security level of a trusted subject is dynamically changed according to its application’s logic. Definitions of secure states and rules to preserve security are also presented. Compared with the trusted subject implemented by security level range, this model gives a better support of least privilege and achieves the support within the MLS policy framework.

    参考文献
    [1]Bell D,LaPadual LJ.Secure computer system:Unified exposition and MULTICS interpretation.MTR-2997 Rev.1,Bedford:The MITRE Corporation,1976.
    [2]Bell D.Secure computer systems:A retrospective.In:Proc.of the 1983 IEEE Symp.on Security and Privacy.Washington:IEEE Computer Society,1983.161-162.
    [3]Mayer FL.An interpretation of a refined Bell-La Padula model for the Tmach kernel.In:Proc.Of the 4th Aerospace Computer Security Conf.1988.368-378.Http://ieeexplore.ieee.org/xpl/tocresult.jsp?isnumber=3362
    [4]Lee TMP.Using mandatory integrity to enforce commercial security.In:Proc.Of the IEEE Symp.On Security and Privacy.IEEE Computer Society Press,1988.140-146.Http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=8106
    [5]Shi WC,Sun YF.History sensitivity of the multilevel security policies.Journal of Software,2003,14(1):91-96 (in Chinese with English abstract).http://www.jos.org.cn/1000-9825/14/91.htm
    [6]Ji QG,Qing SH,He YP.An improved dynamically modified confidentiality policies model.Journal of Software,2004,15(10):1547-1557 (in Chinese with English abstract).Http://www.jos.org.cn/1000-9825/15/1547.htm
    [7]Draft standard for information technology-Portable operating system interface (POSIX)-Part 1:System application program interface (API)-Amendment#:Protection,audit and control interfaces.IEEE Computer Society,1997.
    [8]Xie J,Xu F,Huang H.Trust degree based multilevel security policy and its model of state machine.Journal of Software,2004,15(11):1700-1708 (in Chinese with English abstract).http://www.jos.org.cn/1000-9825/15/1700.htm
    [9]National Computer Security Center.A Guide to Understanding Security Modeling in Trusted Systems.1992.
    [5]石文昌,孙玉芳.多级安全性政策的历史敏感性.软件学报,2003,14(1):91-96.http://www.jos.org.cn/1000-9825/14/91.htm
    [6]季庆光,卿斯汉,贺也平.一个改进的可动态调节的机密性策略模型.软件学报,2004,15(10):1547-1557.http://www.jos.org.cn/1000-9825/15/1547.htm
    [8]谢钧,许峰,黄皓.基于可信级别的多级安全策略及其状态机模型.软件学报,2004,15(11):1700-1708.http://www.jos.org.cn/1000-9825/15/1700.htm
    网友评论
    网友评论
    分享到微博
    发 布
引用本文

武延军,梁洪亮,赵琛.一个支持可信主体特权最小化的多级安全模型.软件学报,2007,18(3):730-738

复制
分享
文章指标
  • 点击次数:4856
  • 下载次数: 5748
  • HTML阅读次数: 0
  • 引用次数: 0
历史
  • 收稿日期:2005-11-28
  • 最后修改日期:2006-03-17
文章二维码
友情链接:中国科学院软件研究所中国计算机学会中国科学院国家自然科学基金委员会CCF数字图书馆Int'l J of Softw Info计算机系统应用
您是第19794007位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号