Application system-oriented mandatory access control model

doi:10.3778/j.issn.1002-8331.2010.09.031

Computer Engineering and Applications ›› 2010, Vol. 46 ›› Issue (9): 107-110.DOI: 10.3778/j.issn.1002-8331.2010.09.031

• 网络、通信、安全 • Previous Articles Next Articles

Application system-oriented mandatory access control model

XU Lu，ZHANG Hong-qi，DU Xue-hui，WANG Chao

Institute of Electronic Technology，The PLA Information Engineering University，Zhengzhou 450004，China

Received:2008-09-26 Revised:2008-12-19 Online:2010-03-21 Published:2010-03-21
Contact: XU Lu

一种面向应用系统的强制访问控制模型

徐璐，张红旗，杜学绘，王超

解放军信息工程大学电子技术学院，郑州 450004

通讯作者: 徐璐

Abstract

Abstract: It is not applicable to implement BLP in application systems.So an Application System-Oriented Mandatory Access Control（ASOMAC） model extended from BLP is proposed to fit the characteristics and requirement of application systems，which combines the application of role and security label to implement principle of least privilege and separation of duty，and the agility of mandatory access control is improved.The formal definition and theorem system are presented.Finally the design and analysis of mandatory access control system based on ASOMAC are performed.

Key words: mandatory access control, application system, security label, role

摘要： 为解决传统BLP模型不适用于应用系统的问题，提出了一种面向应用系统的强制访问控制（ASOMAC）模型，该模型对BLP模型进行了扩展，通过角色与安全标记的结合运用，实现了最小权限和职责分离原则，有效提高了强制访问控制的灵活性，使其符合应用系统的特点和需求。对模型进行了形式化定义，给出了一套公理系统，最后设计并分析了基于该模型的强制访问控制系统。

关键词: 强制访问控制, 应用系统, 安全标记, 角色

CLC Number:

TP309

XU Lu，ZHANG Hong-qi，DU Xue-hui，WANG Chao. Application system-oriented mandatory access control model[J]. Computer Engineering and Applications, 2010, 46(9): 107-110.

徐璐，张红旗，杜学绘，王超. 一种面向应用系统的强制访问控制模型[J]. 计算机工程与应用, 2010, 46(9): 107-110.

[1]	XU Jianguo, LIU Yonghui, LIU Mengfan. Research on Semantic Role Labeling of University Policy Based on BILSTM-CRF [J]. Computer Engineering and Applications, 2021, 57(6): 207-211.
[2]	YANG Yanjiao, ZHAO Guotao, WANG Pidong. Sentence Similarity Calculation Method Based on Semantics and Emotion [J]. Computer Engineering and Applications, 2021, 57(16): 151-158.
[3]	YU Bo, TAI Xianqing, MA Zhijie. Study on Attribute and Trust-Based RBAC Model in Cloud Computing [J]. Computer Engineering and Applications, 2020, 56(9): 84-92.
[4]	ZHANG Tao, WANG Xin, WANG Zhenlei. Hierarchy Feedback Ant Colony Algorithm for Solving Secondary Delivery Problem of Petroleum Product [J]. Computer Engineering and Applications, 2019, 55(21): 261-270.
[5]	LIU Shuren, FENG Chaomin, CAI Changning, FAN Li. Research on Seismic Data Processing Based on Multi-Level Storage [J]. Computer Engineering and Applications, 2019, 55(13): 266-270.
[6]	HU Zhifei, DUAN Zhongxing, CHEN Sheng, LIU Yang. Study on guiding role of evacuation lighting and directing system of subway station [J]. Computer Engineering and Applications, 2016, 52(15): 237-242.
[7]	LI Longshu, FANG Yuan. Research on decision system model of Robocup3D robotics team [J]. Computer Engineering and Applications, 2015, 51(6): 37-41.
[8]	SHEN Man, ZHAO Songzheng, LIU Jing. Examination and approval of business workflow model based on role privilege [J]. Computer Engineering and Applications, 2015, 51(4): 235-239.
[9]	LI Min1，2, HUANG Qiang1, ZHOU Ling1, NI Shaoquan1. Research on modeling of petroleum products distribution system based on object-oriented Petri nets [J]. Computer Engineering and Applications, 2015, 51(20): 55-61.
[10]	PAN Wenlin. Research on local semantic conflicts instantly check methods for ORM model [J]. Computer Engineering and Applications, 2015, 51(18): 144-150.
[11]	WANG Mengxiang1，2, WANG Houfeng1，2, LIU Yang1，2, ZHANG Longkai1. Study for automatic recognition of Chinese object target role [J]. Computer Engineering and Applications, 2014, 50(8): 93-98.
[12]	GUAN Xin1, WANG Jie2, TAO Zhiyong1. Energy-tree chain algorithm of role-adaptive cluster head in WSN [J]. Computer Engineering and Applications, 2014, 50(24): 70-75.
[13]	YANG Xinhua1，2, ZHAI Yifei1. Image enhancement based on tetrolet transform and PCNN [J]. Computer Engineering and Applications, 2014, 50(19): 178-181.
[14]	TAO Yong, WANG Chengliang. Attributive-based RBAC policy representation and reasoning using OWL [J]. Computer Engineering and Applications, 2014, 50(19): 66-69.
[15]	LIU Pengyuan1，2, SUN Baolin1. RBAC framework supporting poset and sync & async permission modeling [J]. Computer Engineering and Applications, 2014, 50(10): 108-115.

Application system-oriented mandatory access control model

一种面向应用系统的强制访问控制模型

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics