摘要
安全策略在信息安全及可信计算环境中具有十分重要的作用。为了在多域环境下一致地管理和实施安全策略,提出并设计了一个可扩展的、非集中式安全策略管理框架。它使用通用、精确和中立的安全策略规范语言来描述安全策略;对各种安全模型及其安全策略进行分析,抽象出策略语义;根据安全策略模型,实现不同域、不同安全实体和不同安全设施的安全策略之间的统一接口,以便管理和控制访问、授权、加密机制、机密性、完整性和可用性等。用Java实现了一个基本的安全策略管理框架。
n security and trusted computing environments. An extensible and de-centralized security policy management framework was proposed to manage security policies consistently in multi-domain environments, This framework employs a common, precise and neutral specification language of security policies to describe security policies, analyzes the security models and its policies to extract policy semantics, and builds a security policies model framework to perform a universal API to manage and control the access, authorization, cryptograph, confidentiality, integrity and availability among the policies of different domain, entities and facilities. A basic framework of security policies was implemented in Java language.
出处
《四川大学学报(工程科学版)》
EI
CAS
CSCD
北大核心
2006年第2期114-117,共4页
Journal of Sichuan University (Engineering Science Edition)
基金
国家自然科学基金资助项目(10076011)
关键词
安全策略
安全策略管理框架
信息安全
自治域
多域
security policy
security policies management framework
information security
autonomous domain
multi-domain
