计算机工程与应用 ›› 2008, Vol. 44 ›› Issue (12): 19-21.

• 博士论坛 • 上一篇    下一篇

基于MLS策略的机密性和完整性动态统一模型

张 俊1,周 正1,李 建2,刘 毅2   

  1. 1.海军工程大学 电气与信息工程学院,武汉 430033
    2.解放军信息工程大学 电子技术学院,郑州 450002
  • 收稿日期:2007-12-06 修回日期:2008-01-28 出版日期:2008-04-21 发布日期:2008-04-21
  • 通讯作者: 张 俊

Confidentiality and integrity dynamic union model based on MLS policy

ZHANG Jun1,ZHOU Zheng1,LI Jian2,LIU Yi2   

  1. 1.College of Electrical and Information Engineering,Naval University of Engineering,Wuhan 430033,China
    2.Institute of Electronic Technology,PLA Information Engineering University,Zhengzhou 450002,China
  • Received:2007-12-06 Revised:2008-01-28 Online:2008-04-21 Published:2008-04-21
  • Contact: ZHANG Jun

摘要: BLP模型是最经典的机密性模型,Biba模型则是最经典的完整性模型。绝大多数主客体机密性和完整性具有一致性,BLP模型和Biba模型就产生矛盾。提出了机密性和完整性的动态统一模型,给出了一系列安全规则,引入访问历史标记,动态调整主体的安全标记,将BLP和Biba真正结合起来,实现了机密性和完整性的统一,使系统具有较好的可用性。并给出了实例对模型进行了说明。

关键词: BLP, Biba, 安全模型, 敏感标记

Abstract: BLP model is the most classical confidentiality model,and Biba model is the most classical integrity model.Most of subject and object have same level of confidentiality and integrity,but BLP and Biba have contradiction in this situation.This paper puts forward confidentiality and integrity dynamic union model,and gives a serial security rule.By importing history label,subject’s security label is adjusted dynamically,making BLP and Biba banded together in deed.The model realizes the union of confidentiality and integrity,and the system has a good usability.At last,an example is presented to explain the model.

Key words: BLP, Biba, security model, sensitivity label