摘要
GB17859-1999中要求四级以上安全操作系统必须实现结构化保护功能,而层次化方法是实现结构化保护的一个有效途径。基于可信计算思想,将可信根抽象为偏序集中的最小元,利用集合论中完全偏序集的相关知识,通过组件间的依赖关系,提出了一种组件层次划分方法,并证明了层次划分方法的完备性。进一步分析表明,该方法能有效应用于增强系统安全性的研究。
It is stated in GB17859-1999 that the fourth level security information system must implement structured protection function,to which the availability way is dividing the system into different layers.Based on the ideology of Trusted Computing,by modeling the root of trust as the minimal element of a partial order set and using related knowledge about the complete partial order in set theory,a method for layering components of a system is proposed via dependencies between them,followed by the proof of the completeness of the method.Further discussion also shows that the method can be employed in many other aspects of strengthening the system’s security.
出处
《计算机工程与应用》
CSCD
北大核心
2011年第36期25-28,共4页
Computer Engineering and Applications
基金
国家高技术研究发展计划(863)(the National High-Tech Research and Development Plan of China under Grant No.2009AA01Z437)
国家重点基础研究发展计划(No.2007CB311100)
关键词
结构化保护
层次化方法
可信计算
完全偏序集
依赖
structured protection
layering method
trusted computing
complete partial order
dependency
