计算机工程与应用 ›› 2008, Vol. 44 ›› Issue (22): 120-123.DOI: 10.3778/j.issn.1002-8331.2008.22.036

• 网络、通信、安全 • 上一篇    下一篇

基于向量矩阵的安全访问控制机制及实现

曾 顺1,3,连一峰1,2,3   

  1. 1.中国科学院 研究生院 信息安全国家重点实验室,北京 100049
    2.中国科学院 软件研究所,北京 100080
    3.中国科学院 研究生院,北京 100080
  • 收稿日期:2008-01-08 修回日期:2008-03-26 出版日期:2008-07-11 发布日期:2008-07-11
  • 通讯作者: 曾 顺

Access control based on vector matrix and its implementation

ZENG Shun1,3,LIAN Yi-feng1,2,3   

  1. 1.State Key Laboratory of Information Security,Graduate University of Chinese Academy of Sciences,Beijing 100049,China
    2.Institute of Software,Chinese Academy of Sciences,Beijing 100080,China
    3.Graduate University of Chinese Academy of Sciences,Beijing 100080,China
  • Received:2008-01-08 Revised:2008-03-26 Online:2008-07-11 Published:2008-07-11
  • Contact: ZENG Shun

摘要: 随着计算机安全需求的日益增加,作为安全操作系统研究方向之一的SELinux系统也在不断地完善。将访问控制向量矩阵与SELinux的访问控制机制相结合,并配合用于机密性保护的BLP模型和用于完整性保护的Biba模型,提出了基于向量矩阵的多级安全访问控制实现方法,并在SELinux系统中予以实现。

关键词: 访问控制, 向量矩阵, SELinux, 多级安全访问控制

Abstract: With the growing requirements of computer security,as one of the research directions of security system,SELinux is consummating itself.This article proposes the combination of vector matrix and the access control mechanism of SELinux,as well as the BLP model for protection of confidentiality and the Biba model for protection of integrity.This article presents a new method to realize multi-level access control mechanism based on vector matrix with its implementation on SELinux.

Key words: access control, vector matrix, SELinux, multi-level access control