Computer Engineering and Applications ›› 2006, Vol. 42 ›› Issue (10): 15-.

• 博士论坛 • Previous Articles     Next Articles

Secrecy/Integrity Union MLS Policy Based on Trusting Computing

,,,   

  1. 海军工程大学
  • Received:2005-12-29 Revised:1900-01-01 Online:2006-04-01 Published:2006-04-01

基于可信计算的保密和完整性统一安全策略

黄强,沈昌祥,陈幼雷,方艳湘   

  1. 海军工程大学
  • 通讯作者: 黄强 huangqiang huangqiang

Abstract: Combining BLP and BIBA model in a MLS policy will leed to poor availability. To resolve it and enhance the security mechanism in the environment of high level security system, TCPA’s trusted computing platform was applied to construct new security policy named S/IMLS. S/IMLS is based on the mechanism and function provided by TCPA. It defines the concept of trusted subjects by behavior and confines their abilities, which increase simplicity and availability for the system.

摘要: 为解决在高安全等级操作系统应用的保密性/完整性统一多级访问控制模型可用性差问题及增强其安全性,为系统引入可信计算(TCPA)技术并指出它对安全机制的增强作用。对可信计算平台环境下保密性/完整性统一的访问控制模型中可信主体的特性进行描述,给出具体安全策略。它将可信主体纳入访问控制模型,有助于划分可信主体并能够限制其权限。