计算机工程与应用Issue(12):55-62,8.DOI:10.3778/j.issn.1002-8331.1407-0330
DFCM:以数据为中心的安全控制机制
DFCM:novel data oriented security control mechanism
摘要
Abstract
The security of data is the fundamental goal of information system security. In two kinds of main security models, the access control model puts extra emphasis on operation controlling between subjects and objects, which is difficult to protect data at the whole process. While the information flow model aims to transfer the controlling information by mapping data and security levels, and it cannot be used in major operating systems. This paper proposes a method named with DFCM, which combines the access control model and the information flow model to give full play to advantages of both models. DFCM is a data flow oriented security mechanism, and it can control system actions according to state transfer of data and hence can achieve the goal of protecting confidential data at the whole process in a fine-grained way. The experiment results show that DFCM can preserve information with low overhead on the major commercial operating system.关键词
数据安全/数据流/操作系统/数据流控制机制(DFCM)Key words
data security/data flow/operating system/Data Flow Control Mechanism(DFCM)分类
信息技术与安全科学引用本文复制引用
江凌波,马超,王加玉..DFCM:以数据为中心的安全控制机制[J].计算机工程与应用,2015,(12):55-62,8.基金项目
国家“863”高技术研究发展计划重大项目(No.2011AA01A203)。 ()
