计算机科学与探索2011,Vol.5Issue(2):179-192,14.DOI:10.3778/j.issn.1673-9418.2011.02.008
面向无传递性安全策略的语法信息流分析方法
Syntactic Information Flow Analysis Based on Nontransitive Security Policy
摘要
Abstract
The traditional syntactic information flow analysis is based on the lattice model such that the method can not be used to analyze the security of systems implementing the security policy not satisfying transitivity.This paper proposes a new information flow analysis approach.First, information flow semantics is attached to each statement of a program language.Then a graph structure called information flow temporal relation is defined to describe the temporal relation of information flow occurring, and a method of constructing the graph structure is presented.Finally, based on the graph structure a covert information flow identification method is developed.In addition, according to the concurrency feature of concurrent programs, a method for reducing the information flow temporal relation is proposed.With the help of the method, it is sufficient to consider the special interleave order between concurrent processes instead of all interleave orders.关键词
隐通道/语法信息流分析/访问控制/保密性安全策略分类
信息技术与安全科学引用本文复制引用
周从华,刘志锋,吴海玲,陈松..面向无传递性安全策略的语法信息流分析方法[J].计算机科学与探索,2011,5(2):179-192,14.基金项目
The National Natural Science Foundation of China under Grant No.60773049,61003288(国家自然科学基金) (国家自然科学基金)
the Natural Science Foundation in Colleges of Jiangsu Province under Grant No.08KJD520015(江苏省高校自然科学基金) (江苏省高校自然科学基金)
the Talent Foundation of Jiangsu University under Grant No.07JDG014(江苏大学高级人才科研启动基金) (江苏大学高级人才科研启动基金)
