    Abstract:

    Support for trusted subjects in existing multilevel security (MLS) models is reviewed, and a new model called DLS (discrete label sequence) is proposed. DLS decomposes the lifecycle of a trusted subject into a sequence of untrusted states (US). Each untrusted state is associated with a current security label, and only predefined trusted request events (TRE) can trigger a transition from one US to another. The current security level of a trusted subject thus changes dynamically according to its application's logic. Definitions of secure states and rules that preserve security are also presented. Compared with trusted subjects implemented by a security level range, this model gives better support for least privilege and achieves that support within the MLS policy framework.
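The contrast drawn in the abstract, as an added sketch that is not the paper's formal model or the authors' code: a range-based trusted subject next to a DLS-style subject that is checked as an ordinary untrusted subject in each state. The level names, the event names, the downgrader scenario and the use of the standard Bell-LaPadula checks inside each state are assumptions.

```python
# Added illustration; levels, events and the scenario are constructed assumptions.
LEVELS = {"UNCLASSIFIED": 0, "SECRET": 1, "TOP_SECRET": 2}  # assumed linear ordering

def blp_allows(subject_level, op, object_level):
    """Bell-LaPadula check for an untrusted subject: no read up, no write down."""
    s, o = LEVELS[subject_level], LEVELS[object_level]
    return s >= o if op == "read" else s <= o

class RangeTrustedSubject:
    """Trusted subject as a level range: reads up to `high`, writes down to `low`."""
    def __init__(self, low, high):
        self.low, self.high = LEVELS[low], LEVELS[high]

    def access(self, op, object_level):
        o = LEVELS[object_level]
        return o <= self.high if op == "read" else o >= self.low

class DLSSubject:
    """Trusted subject as a sequence of untrusted states (US).
    states: current label of each US; transitions: {(us_index, TRE): next_us_index}."""
    def __init__(self, states, transitions):
        self.states, self.transitions, self.current = states, transitions, 0

    def access(self, op, object_level):
        # Inside a US the subject is mediated like any untrusted subject.
        return blp_allows(self.states[self.current], op, object_level)

    def request(self, event):
        # Only a TRE predefined for the current US may change the current label.
        nxt = self.transitions.get((self.current, event))
        if nxt is None:
            return False
        self.current = nxt
        return True

def demo():
    # Constructed downgrader: read at SECRET, then publish at UNCLASSIFIED.
    rng = RangeTrustedSubject("UNCLASSIFIED", "SECRET")
    dls = DLSSubject(["SECRET", "UNCLASSIFIED"], {(0, "review_done"): 1})
    return {
        "range_write_down_any_time": rng.access("write", "UNCLASSIFIED"),
        "dls_write_down_in_us0": dls.access("write", "UNCLASSIFIED"),
        "dls_read_secret_in_us0": dls.access("read", "SECRET"),
        "dls_undefined_event": dls.request("debug_hook"),
        "dls_predefined_tre": dls.request("review_done"),
        "dls_write_down_in_us1": dls.access("write", "UNCLASSIFIED"),
        "dls_read_secret_in_us1": dls.access("read", "SECRET"),
    }

if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name}: {allowed}")
```

The range-based subject can read SECRET and write UNCLASSIFIED at the same moment, while the DLS-style subject holds only one of those abilities in any single state.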

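Citation: Wu Yanjun, Liang Hongliang, Zhao Chen. A multilevel security model supporting least privilege for trusted subjects. Journal of Software, 2007, 18(3):730-738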

History
  • Received: November 28, 2005
  • Revised: March 17, 2006