期刊文献+

基于访问控制空间的多策略安全体系结构 被引量:3

Security architecture to support multiple security policies based on access control space
下载PDF
导出
摘要 为解决LSM在策略重用和策略共存方面存在的问题,提出了一个新的安全体系结构ELSM,它引入一个模型组合器作为主模块实施模块堆栈管理和模块决策管理,其中模块决策的实施采用了访问控制空间的策略规范方法,可支持通用性,ELSM的设计及其在安胜OS安全操作系统中的实例分析表明其有效性。 In order to solve the problems of policy reusability and policy co-existence in LSM, a new security architecture ELSM is proposed. It introduced Model Combiner as main module to implement module stack management and module decision management. Module decision is based on access control space as policy specification for general support. The design of ELSM and the analysis of its implementation in Ansheng OS prove its effectiveness.
出处 《通信学报》 EI CSCD 北大核心 2006年第2期107-112,118,共7页 Journal on Communications
基金 国家重点基础研究发展计划("973"计划)基金资助项目(G1999035810) 国家自然科学基金资助项目(60083007)~~
关键词 安全体系结构 安全策略模型 LINUX安全模块 策略规范 security architecture security policy model Linux security module policy specification
  • 相关文献

参考文献15

  • 1HOSMER H H.The multipolicy paradigm for trusted systems[A].Proceedings of the New Security Paradigms Workshop[C].little Compton,R.I,IEEE Press,1992-1993.19-32.
  • 2KUHNHAUSER W E,OSTROWSKI M V K.A framework to support multiple security policies[A].Proceedings of the 7th Annual Canadian Computer Security Symposium[C].Canadian System Security Centre,Ottawa,Canada,1995.1-19.
  • 3WRIGHT C,COWAN C,SMALLEY S,et al.Linux security modules:general security support for the linux kernel[A].USENIX Security Symposium[C].San Francisco,CA,2002.17-31.
  • 4SMALLEY S.Implementing SELinux as a Linux Security Module[R].NAI Labs Report#01-043,2002.
  • 5EDWARDS A,JAEGER T,ZHANG X L.Verifying Authorization Hook Placement for the Linux Security Modules Framework[R].IBM Research Report,RC22254(W0111-057),2001.
  • 6JAJODIA S,SAMARATI P,SUBRAHMANIAN V S.A logical language for expressing authorizations[A].Proceedings of the IEEE Symposium on Security and Privacy[C].1997.31-42.
  • 7BERTINO E,CATANIA B,et al.A system to specify and manage multipolicy access control models[A].Proceedings of the Third International Workshop on Policies for Distributed Systems and Networks (POLICY'02)[C].2002.116-127.
  • 8KOCH M,MANCINI L,et al.On the specification and evolution of access control policies[A].Proceedings of the 6th ACM Symposium on Access Control Models and Technologies (SACMAT-01)[C].Chantilly,Virginia,USA,2001.121-130.
  • 9RUAN C,VARADHARAJAN V.A formal graph based framework for supporting authorization delegations and conflict resolutions[J].International Journal of Information Security,2003,1(4):211-222.
  • 10JAEGER T,ZHANG X L.Policy management using access control space[J].ACM Transaction on Information and System Security,2003,6(3):327-364.

同被引文献42

  • 1王娜,方滨兴,罗建中,刘勇.“5432战略”:国家信息安全保障体系框架研究[J].通信学报,2004,25(7):1-9. 被引量:36
  • 2张衡,卞洪流,吴礼发,张毓森,崔明伟,曾庆凯.基于LSM的程序行为控制研究[J].软件学报,2005,16(6):1151-1158. 被引量:5
  • 3王亚刚,房鼎益,吴晓南,刘炜.利用LSM框架实现基于角色的访问控制[J].计算机应用与软件,2006,23(8):38-40. 被引量:2
  • 4王赛娇,陈新登,李宗伯,尹虹.基于LSM的进程行为监控技术研究[J].计算机工程与科学,2006,28(8):36-39. 被引量:1
  • 5Wright C, Cowan C, Smalley S, et al. Linux security module framework[EB/OL]. 2002Ottawa Linux Symposium (2002 -6) [ 2007 - 3 ]. http: //lsm. immunix, org/docs/lsm - ols - 2002/html/.
  • 6Smalley S, Vance C, Salmon V. Implementing SELinux as a Linux security module[EB/OL]. NAI Labs Report (2002-5) [ 2007 - 4 ]. http : //www. nsa. gov/selinux/module - abs. html.
  • 7国家互联网应急中心.2012年我国互联网网络安全态势综述[EB/OL].http://www.cert.org.cn.2013-03-09.
  • 8Bell D E, LaPadula L J. Secure computer systems: Mathematical foundations, MTR 2547 [R]. Bedford, MA: MITRE Corp, 1973.
  • 9United States Department of Defense (DoD). Trusted computer system evaluation criteria (TCSEC), DoD 5200. 28-STD [R]. Washington DC: United States Department of Defense (DoD), 1985.
  • 10EC Advisory Group SOG-IS. Information technology security evaluation criteria (ITSEC), Version 1.2 [S/OL]. Brussels, Luxembourg: Office for Offeial Publications of the European Communities, 1991 [2013-12-03]. http://www, ssi. gouv. fr/ site documents[ITSEC/ITSEC-uk, pdf.

引证文献3

二级引证文献14

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部