摘要
针对可信计算需要保护运行时完整性度量的问题,提出一种基于主体完整性标识动态调整的完整性保护模型.基于Biba模型的严格完整性策略中主体访问的历史过程和客体的完整性标识,通过安全规则对主体的访问范围进行动态调节,以提高模型的可用性.最后,通过无干扰理论对模型的安全性进行了证明,从信息流的发送者和接收者之间的干扰关系上,验证了完整性保护模型的正确性.
To protect the integrity measurement of trusted computing technology at runtime,an integrity protection model based on dynamically adjusting the integrity labels of subjects was proposed.According to the history of subjects access and integrity labels of objects in the dynamic enforcement of the strict integrity policy(DESIP) of Biba's model,the access range of subjects can be adjusted dynamically by the security rules in order to enhance the availability of the model.Besides,the security of the model was verified based on the noninterference theory.From the interference relation between the sender and the receiver of the information flow,the correctness of the model was proved.
出处
《华中科技大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2010年第12期69-72,共4页
Journal of Huazhong University of Science and Technology(Natural Science Edition)
基金
国家自然科学基金重点资助项目(60633020)
河南省科技攻关计划资助项目(102102210432)
河南省重点科技攻关项目(102102210388)
河南省教育厅自然科学研究项目(2009B520023)
关键词
信息流
安全模型
完整性
访问控制
无干扰
可信计算
information flow security models integrity access control noninterference trusted computing
