Computer Science, 2015, Vol. 42, Issue (1): 159-163. doi: 10.11896/j.issn.1002-137X.2015.01.037

• Information Security •

Chinese Wall Model Based on Dynamic Divided-set

JIANG Lu, HE Rong-yu and WEI Yan-fen

  1. School of Cryptographic Engineering, PLA Information Engineering University, Zhengzhou 450000
  • Online: 2018-11-14 Published: 2018-11-14

Abstract: The BN (Brewer-Nash) Chinese wall model places strict constraints on write operations. It defines the conflict of interest relation only from the object side, and its access regions must be predetermined and divided statically, which makes it unsuitable for dynamically changing systems. To solve these problems, the concept of a "divided-set" is defined and, on that basis, a Chinese wall model based on divided-sets is proposed. The model considers the interests of both subjects and objects when analyzing the system's conflict of interest relation, and divides subjects and objects into access regions that can be extended dynamically. The model is proved to be conflict-secure, and its application is shown through a simple example.

Key words: Access control, Chinese wall model, Conflict relation, Dynamic divided-set

