国防科技大学学报Issue(1):167-171,5.DOI:10.11887/j.cn.201401029
基于预授权的机密性和完整性动态统一模型
Confidentiality and integrity dynamic union model based on pre-authorization mechanisms
摘要
Abstract
With the current access control model,a reasonable unified control over confidentiality,integrity and availability cannot be achieved;especially the dynamic random access request control is far from perfect,not only always leaving some weak points open to possible attacks,but also bringing some unavoidable security problems caused by user errors in practical applications.A kind of confidentiality and integrity access control model based on the pre-authorization mechanisms is put forward.By combining BLP model and Biba model,and introducing the pre-authorization mechanisms,the reasonable control can be achieved over the dynamic random accesses activities.By making use of the condition control,the authority of subject performing the task is monitored timely,and granted or canceled dynamically.So the system’s confidentiality and integrity can both be realized,while guaranteeing its high availability,which is advantageous to the two-way flow of information.Finally,the application example of the model is given and its security is proved.关键词
机密性/完整性/任务/角色/预授权Key words
confidentiality/integrity/task/role/pre-authorization分类
信息技术与安全科学引用本文复制引用
张俊,徐鲁威,孟庆德,冯昌林..基于预授权的机密性和完整性动态统一模型[J].国防科技大学学报,2014,(1):167-171,5.基金项目
国家科技重大专项资助项目 ()
