基于Biba和Clark-Wilson策略的混合强制完整性模型 | |
周洲仪 ; 贺也平 ; 梁洪亮 | |
刊名 | 软件学报
![]() |
2010 | |
卷号 | 21期号:1页码:98-106 |
关键词 | 完整性策略 强制访问控制 Biba模型 Clark-Wilson模型 integrity policy mandatory access control Biba model Clark-Wilson model |
ISSN号 | 1000-9825 |
其他题名 | hybrid mandatory integrity model composed of biba and clark-wilson policy |
中文摘要 | 商业应用需要实施完整性策略保护.Biba模型提供了一种简洁的多级完整性控制方案,但是需要引入可信主体来保证实施的可用性.而Clark-Wilson模型通过可监控的状态转换提供了一种完备的完整性保护,但其复杂性影响了该模型的完整实现.提出的模型以Biba严格完整性策略为基础,同时根据可信主体在其生命周期所属的状态实施Biba低水标策略.对可信主体在其生命周期发生的状态转换及相应的低水标参数调整,采用Clark-Wilson模型来进行监控.在有效解决了Biba策略的可用性问题和Clark-Wilson模型监控量过大给系统带来的配置和运行负担问题的同时,继承它们的优点.证明了该策略融合方案是可行的、安全的. |
收录类别 | cscd |
语种 | 中文 |
CSCD记录号 | CSCD:3805018 |
公开日期 | 2010-08-23 |
附注 | Commercial application requires protection of integrity policy. Biba model provides a simple multi-level integrity access control scheme but it needs the introduction of trusted subject to ensure the usability. Clark-Wilson model provides a complete integrity protection by means of controlled state transaction, but its entire implementation is hindered by its complication. This paper proposes a model that enforces Biba strict integrity policy as basic access control mechanism, at the same time enforces Biba low-water-mark policy on trusted subjects according to the state in their lifecycle. Clark-Wilson model is used to control and audit subject's state transition and run time adjustment of low-water-mark policy parameters. This paper solves the usability problem introduced by Biba policies and high configuration burden and runtime overload introduced by massive supervising task of Clark-Wilson, while at the same time borrows their merits. This policy composition scheme is proved to be applicable and secure. |
内容类型 | 期刊论文 |
源URL | [http://124.16.136.157/handle/311060/3808] ![]() |
专题 | 软件研究所_基础软件国家工程研究中心_期刊论文 |
推荐引用方式 GB/T 7714 | 周洲仪,贺也平,梁洪亮. 基于Biba和Clark-Wilson策略的混合强制完整性模型[J]. 软件学报,2010,21(1):98-106. |
APA | 周洲仪,贺也平,&梁洪亮.(2010).基于Biba和Clark-Wilson策略的混合强制完整性模型.软件学报,21(1),98-106. |
MLA | 周洲仪,et al."基于Biba和Clark-Wilson策略的混合强制完整性模型".软件学报 21.1(2010):98-106. |
个性服务 |
查看访问统计 |
相关权益政策 |
暂无数据 |
收藏/分享 |
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论