计算机工程与应用 ›› 2009, Vol. 45 ›› Issue (14): 100-102.DOI: 10.3778/j.issn.1002-8331.2009.14.030

• 网络、通信、安全 • 上一篇    下一篇

动态多级安全级模型及其应用

刘 尊,安喜锋,李伟华   

  1. 西北工业大学 计算机学院,西安 710072
  • 收稿日期:2008-03-12 修回日期:2008-05-16 出版日期:2009-05-11 发布日期:2009-05-11
  • 通讯作者: 刘 尊

Dynamic multilevel security model and its application

LIU Zun,AN Xi-feng,LI Wei-hua   

  1. School of Computer,Northwestern Polytechnical University,Xi’an 710072,China
  • Received:2008-03-12 Revised:2008-05-16 Online:2009-05-11 Published:2009-05-11
  • Contact: LIU Zun

摘要: 针对采用传统MLS模型实现的系统可用性和灵活性较低的问题,提出了一种基于动态安全级的MLS模型Dynamic MLS。模型使用由流入信息最高安全级和流出信息最低安全级组成的动态安全级代替传统BLP模型中的当前安全级,并依此对主体访问客体的行为进行更灵活的控制。模型在BLP模型11条规则的基础上对其中的5条规则进行了改进,并通过形式化方法证明了改进模型的正确性。最后给出了模型在增加linux系统安全性方面的应用。

关键词: 多级安全性(MLS), 安全模型, 动态安全级

Abstract: This paper gives a multilevel security model based on dynamic security level named Dynamic Multilevel Security(DMLS) model.DMLS uses a couple of dynamic security levels of highest inflow and lowest outflow to replace the current security level of BLP model.With these dynamic security levels,DMLS can control the access of subjects to objects flexibly.In order to use the dynamic security level,DMLS makes a corresponding changes to the five of eleven rules of classic BLP model and the model is proved to be correct through formal methods.At last an application of DMLS to enhance security of linux is given.

Key words: Multi-Level Security(MLS), security model, dynamic security level