计算机科学

计算机科学 ›› 2017, Vol. 44 ›› Issue (Z6): 348-350.doi: 10.11896/j.issn.1002-137X.2017.6A.079

• 信息安全 • 上一篇    下一篇

基于属性安全值的强制访问控制模型

陈杰伟,关宇,刘军   

  1. 解放军理工大学通信工程学院研究生1队 南京210007,解放军理工大学通信工程学院 南京210007,解放军理工大学指挥信息系统学院 南京210007
  • 出版日期:2017-12-01 发布日期:2018-12-01

Mandatory Access Control Model Based on Safety Value of Attributes

CHEN Jie-wei, GUAN Yu and LIU Jun   

  • Online:2017-12-01 Published:2018-12-01

PDF (PC)

564

摘要: 通过对ABAC定义的细粒度属性进行量化映射,结合BLP和Biba强制访问模型的基本特点,试图定义一个与属性相关的安全值量化概念,然后以安全值为基础,构建一个可以计算的封闭环境。其次计算得到一个基于属性映射的安全值集合,从而符合BLP和Biba强制访问控制模型的基本条件。再对BLP和Biba模型进行进一步优化,使其契合属性安全值的特点,形成一个灵活的基于属性安全值的强制访问控制模型。

关键词: BLP,Biba,ABAC,属性,访问控制,模型

Abstract: By quantitatively mapping the fine-grained attributes defined by ABAC and by combining the basic features of BLP and Biba mandatory access models,an attempt is made to define a quantitative concept of security values related to attributes,and then a closed environment that can be calculated based on security values is built.Then a set of security values based on attribute mapping is calculated to meet the basic conditions of BLP and Biba mandatory access control model.Then BLP and Biba models are further optimized to fit the attribute security value and form a flexible mandatory access control model based on attribute security value.

Key words: BLP,Biba,ABAC,Attribute,Access control,Model

[1] 徐亮,谭煌.BLP 改进模型的形式化描述及自动化验证[J].计算机工程,2013,39(12):130-135.
[2] 马萌,唐卓,李仁发,等.基于条件随机场的改进BLP访问控制模型[J].计算机科学,2015,42(8):138-144.
[3] ZHANG J,YUN L J,ZHOU Z.Research of BLP and Biba dynamic union model based on check domain[C]∥Preceedings of the seventh International Conference on Machine Learning and Cybernetics.Kunming,2008:12-15.
[4] 周向军.基于BLP/Biba的混合云计算数据中心安全访问控制模型[J].信息安全与技术,2016,7(1):63-65.
[5] 于芳芳,马建红.基于多优化技术的ABAC模型[J].计算机应用与软件,2015,32(11):312-316.
[6] 邹佳顺,张永胜,高艳.云环境下基于使用控制的ABAC模型研究[J].计算机应用研究,2014,31(12):3692-3694.
[7] 倪川,黄志球,王珊珊,等.基于属性的支持策略本体推理的访问控制方法研究[J].计算机科学,2015,42(3):96-101.
[8] 毋涛,张帆.云计算下基于属性的访问控制方法[J].计算机系统应用,2016,25(2):231-234.
[9] BALAMURUGAN B,SHIVITHA G N,MONISHA V,et al.A Honey Bee Behaviour inspired novel Attribute-Based Access Control using Enhanced Bell-Lapadula Model in Cloud Computing[C]∥International Conference on Innovation Information in Computing Technologies(ICIICT).IEEE,2015:1-6.
[10] BELL D,LAPADULA L.Secure Computer Systems:Mathema-tical Foundations and Model:echnical Report M74-244[R].MITRE Corp.,Bedford,MA 1973.
[11] BIBA K J.Integrity Considerations for Secure Computer Systems: EST TR-76-372[R].ESD/AFSC,Hanscom AFB,Bedford,MA 1977.
[12] HU V C,FERRAIOLO D,KUHN R,et al.Guide to attribute based access control (ABAC) definition and considerations (draft)[J].NIST Special Publication,2013,800(162).
No related articles found!
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
地址:重庆市渝北区洪湖西路18号    邮编:401121  
电话:023-63500828(编辑部) 023-67039612(会议/专题) 023-67039623(财务/发票)
E-mail:jsjkx12@163.com
本系统由北京玛格泰克科技发展有限公司设计开发