Computer Science ›› 2017, Vol. 44 ›› Issue (8): 107-114.doi: 10.11896/j.issn.1002-137X.2017.08.020

Previous Articles     Next Articles

Temporal-Spatial-based Mandatory Access Control Model in Collaborative Environment

FAN Yan-fang   

  • Online:2018-11-13 Published:2018-11-13

Abstract: Secure information sharing is a common goal for any information system.Critical applications in the collaborative environment put forward higher requirements for security and flexibility of information sharing.The existing mandatory access control model based on BLP model can’t meet the requirements of access control for critical applications in collaborative environment.In this paper,a temporal-spatial-based mandatory access control model was proposed,which integrates task,time with space issues into access control model.Logic security is integrated with physical location in this model.So,it not only can enhance the security of access control,but also meets the flexibility of access control in collaborative environment.The security of the model was proved with non-interference theory.

Key words: Collaboration,Mandatory access control,Active security model,Temporal-spatial constraints,Information flow,Task

[1] BELL D E,LAPADULA L J.Secure Computer Systems:Mathematical Foundations [R].Electronic Systems Division,Air Force Systems Command,Hanscom Air Force Base,Bedford,MA,USA,1973.
[2] BELL D E,LAPADULA L J.Secure Computer Systems:A Mathe-matical Model [R].Electronic Systems Division,Air Force Systems Command,Hanscom Air Force Base,Bedford,MA,USA,1973.
[3] BELL D E,LAPADULA L J.Secure Computer Systems:A Refinement of the Mathematical Model [R].Electronic Systems Division,Air Force Systems Command,Hanscom Air Force Base,Bedford,MA,USA,1974.
[4] BELL D E,LAPADULA L J.Secure Computer System:Unified Exposition and MULTICS Interpretation:MTR-2997 Rev.1[R].The MITRE Corporation,Bedford,MA,USA,1976.
[5] FAN Y F,CAI Y.Collaboration Supported Mandatory AccessControl Model[J].Journal of Computer Research and Development,2015,2(10):2411-2421.(in Chinese) 范艳芳,蔡英.支持协作的强制访问控制模型[J].计算机研究与发展,2015,52(10):2411-2421.
[6] FAN Y F,CAI Y,GENG X H.A Mandatory Access ControlModel with Temporal and Spatial Constraints [J].Journal of Beijing University of Posts and Telecommunications,2012,35(5):111-114.(in Chinese) 范艳芳,蔡英,耿秀华.具有时空约束的强制访问控制模型[J].北京邮电大学学报,2012,35(5):111-114.
[7] WU Y J,LIANG H L,ZHAO C.A Multi-Level Security Modelwith Least Privilege Support for Trusted Subject[J].Journal of Software,2007,18(3):730-738 (in Chinese) 武延军,梁洪亮,赵琛.一个支持可信主体特权最小化的多级安全模型[J].软件学报,2007,18(3):730-738.
[8] ZHANG X F,XU F,SHEN C X.Research on Multilevel Security Model Based on Trustworthy State and Its Application[J].Acta Electronica Sinica,2007,35(8):1511-1515.(in Chinese) 张晓菲,许访,沈昌祥.基于可信状态的多级安全模型及其应用研究[J].电子学报,2007,35(8):1511-1515.
[9] THOMAS R K.Team-based Access Control (TMAC):A Primitive for Applying Role-based Access Controls in Collaborative Environments [C]∥Proc of the 2nd Workshop on Role-Based Access Control.ACM,Fairfax,VA,USA,1997:13-19.
[10] GEORGIADIS C K,MAVRIDIS I,P ANGALOS G,et al.Flexible Team-based Access Control Using Contexts [C]∥The ACM Symposium on Access Control Models and Technologies 2001.Chantilly,Vriginia,USA,2001:21-27.
[11] 翟治年.企业级协作环境中访问控制模型研究[D].北京:华南理工大学,2012.
[12] BIJON K Z,SANDHU R S,KRISHNAN R.A Group-centric Model for Collaboration with Expedient Insiders in Multilevel Systems [C]∥The 2012 International Conference on Collaboration Technologies and Systems.2012:419-426.
[13] YAN X X,GENG T.Fused access control scheme for sensitive data sharing[J].Journal on Communications,2014,35(8):71-77.(in Chinese) 闰玺玺,耿涛.面向敏感数据共享环境下的融合访问控制机制[J].通信学报,2014,5(8):71-77.
[14] BIJON K Z,SANDHU R,KRISHNAN R.A group-centric mo-del for collaboration with expedient insiders in multilevel systems[C]∥International Conference on Collaboration Technologies and Systems.IEEE,2012:419-426.
[15] BIJON K Z,SANDHU R,KRISHNAN R,et al.A lattice interpretation of group-centric collaboration with expedient insiders[C]∥International Conference on Collaborative Computing:Networking,Applications and Worksharing.IEEE,2012:200-209.
[16] RUSHBY J.Noninterference,Transitivity and Channel-controlSecurity Policies:Technical Report,CSL-92-02[R].Menlo Park:Stanford Research Institute,1992.

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!