Computer Engineering and Applications ›› 2011, Vol. 47 ›› Issue (5): 65-68.
• 研发、设计、测试 • Previous Articles Next Articles
CHEN Jin,LV Hongbing,PAN Xuezeng
Received:
Revised:
Online:
Published:
陈 进,吕红兵,潘雪增
Abstract: The BLP can guarantee the security of information by allowing downward information flow from the low security level to high security level.However,under some circumstances,the upward information flow is also necessary.Clark-Wilson model is used to control and audit subject’s state transition and run time adjustment of low-water-mark policy parameters.This paper proposes a model that allows the upward information flow in the control of Clark-Wilson model.The model is proved secure and applicable.
Key words: information security, Bell-LaPadula(BLP) model, Clark-Wilson model, mandatory access control
摘要: BLP模型通过允许低安全级别到高安全级别的信息流动,保证了信息的机密性。但是不能解决普遍存在的下向信息流。而Clark-Wilson模型通过可监控的状态转换提供了完整性保护。提出的模型以BLP控制策略为基础,并在Clark-Wilson模型的监控下,允许下向信息流的流动。证明了该模型是安全的,可行的。
关键词: 信息安全, BLP模型, Clark-Wilson模型, 强制访问控制
CHEN Jin,LV Hongbing,PAN Xuezeng. Hybrid mandatory model composed of BLP and Clark-Wilson policy[J]. Computer Engineering and Applications, 2011, 47(5): 65-68.
陈 进,吕红兵,潘雪增. 基于BLP和Clark-Wilson策略的混合强制模型[J]. 计算机工程与应用, 2011, 47(5): 65-68.
0 / Recommend
Add to citation manager EndNote|Ris|BibTeX
URL: http://cea.ceaj.org/EN/
http://cea.ceaj.org/EN/Y2011/V47/I5/65