| 261 | 5 | 144 |
| 下载次数 | 被引频次 | 阅读次数 |
针对Biba模型中的严格完整性策略在保证数据完整性的同时会降低系统兼容性的问题,在Biba严格完整性模型基础上提出了具有历史特征的Biba模型严格完整性策略,将主体完整性等级扩展为独立的读写区间,并根据主体读写历史调整主体可读写的区间,并给出形式化的描述.该模型既可以保护系统数据的完整性,又能提高系统的兼容性.同时,给出所构造规则的实施策略的实现算法,说明该实施策略和常规实施策略具有相同的时间复杂度.
Abstract:Strict integrity policy(SIP) of Biba model was used to maintain the integrity of data in computer systems,but it might deny some non-malicious access requirements,and hence decrease the compatibility of applications.An improved SIP with historical characteristics based on the subject's history behavior was presented,which increased the compatibility of the software while keeping system integrity as strictly as SIP could.An implementation algorithm for the constructed enforcement scheme was given.The improved SIP had the same complexity with the ordinary enforcement scheme.
[1]Bishop M.Computer Security:Art and Science[M].Boston:Addison Wesley,2003:3-6.
[2]Biba KJ.Integrity considerations for secure computer systems[R]//US Air Force Electronic System Division.Spring-field,1977.
[3]Goguen J A,Meseguer J.Security policies and security models[C]//the 1982 Symposiumon Security and Privacy.Oak-land,C A,1982:11-20.
[4]Sutherland D.A model of information[C]//the 9th National Security Conference.Gaithersburg,1986.
[5]Clark D D,Wilson D R.Acomparison of commercial and military computer security policies[C]//the 1987 IEEE Sympo-siumon Security and Privacy.Oakland,C A,1987.
[6]Brewer D,Nash M.The Chinese wall security policy[C]//the 1989 IEEE Symposium on Security and Privacy.LosAlamitos,C A,1989:206-214.
[7]Badger L,Sterne D F,Sherman D L,et al.A domain and type enforcement UNIX prototype[J].USENIX ComputingSystems,1996,9(1):47-83.
[8]Loscocco P,Smalley S.Integrating flexible support for security policies into the Linux operating system[C]//FREENIXTrack:2001 USENIX Annual Technical Conference.Berkeley,C A,2001.
[9]Jaeger T,Sailer R,Zhang X L.Analyzingintegrity protectioninthe SELinux example policy[C]//the 12th USENIX Se-curity Symposium.Washington,D C,2003.
[10]张相峰,孙玉芳.Biba模型中严格完整性政策的动态实施[J].计算机研究与发展,2005,42(5):746-754.
[11]Zhang Mingxi.Strict integrity policy of biba model with dynamic characteristics and its correctness[C]//the 5th Inter-national Conference on Computational Intelligence and Security.Beijing,2009:521-525.
[12]Denning D E.Alattice model of secure information flow[J].Communications of the ACM,1976,19(5):236-243.
基本信息:
中图分类号:TP309
引用信息:
[1]张明西,韦俊银,程裕强,等.具有历史特征的Biba模型严格完整性策略[J],2011,43(01):85-89.
基金信息:
国家自然科学基金资助项目,编号90718027;; 高等学校纺织生物医用材料学科创新引智计划项目,编号B070204