Computer Engineering and Applications ›› 2011, Vol. 47 ›› Issue (4): 77-80.DOI: 10.3778/j.issn.1002-8331.2011.04.021
• 网络、通信、安全 • Previous Articles Next Articles
HU Ming,PAN Xuezeng,LI Wen
Received:
Revised:
Online:
Published:
Contact:
胡 明,潘雪增,李 文
通讯作者:
Abstract: On the basis of the BLP model and RBAC model,a new improved multiple-level model is presented.The improved model has four important features:(1)carry out the control of integrity;(2)constrain the trusted subject and limit the right of other subjects;(3)realize RBAC model to assign the role and the permission;(4)fulfill the audit mechanism rules to monitor the security policy.Experimental results show that the improved model increases security and the usability.
Key words: control of integrity, trusted subject, Role-Based Access Control(RBAC) model, audit mechanism
摘要: 在分析BLP模型和RBAC模型及其相关衍生模型的基础上,提出一种改进的模型。改进模型主要有4个重要特点:(1)实施完整性控制,保证信息流上写安全性;(2)限定可信主体,赋予其余主体有限特权;(3)实施RBAC模型,分配角色和权限;(4)引入审计机制,提供策略监控。实验结果表明,改进后的模型在完善安全性的同时提高了实用性。
关键词: 完整性控制, 可信主体, 基于角色的访问控制(RBAC)模型, 审计机制
CLC Number:
TP309
HU Ming,PAN Xuezeng,LI Wen. Design and implementation of improved multiple-level security model[J]. Computer Engineering and Applications, 2011, 47(4): 77-80.
胡 明,潘雪增,李 文. 改进的多级安全模型的设计与实现[J]. 计算机工程与应用, 2011, 47(4): 77-80.
0 / Recommend
Add to citation manager EndNote|Ris|BibTeX
URL: http://cea.ceaj.org/EN/10.3778/j.issn.1002-8331.2011.04.021
http://cea.ceaj.org/EN/Y2011/V47/I4/77
