期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

OA应用安全增强系统设计与实现

Design and Implementation of Security-Enhanced System for OA
下载PDF
导出
摘要 随着办公信息化建设的不断推进,OA系统已广泛应用于部队机关及各下属单位,在提高人员工作效率的同时,其自身的安全性也日益引起高度关注。文章针对现有OA系统的典型工作流程,分析其中存在的脆弱点,在此基础上,设计并实现了一个OA应用安全增强系统。该系统对上层应用透明,能在不影响应用系统运行效率的前提下,在操作系统内核层,实现用户身份认证及强制访问控制,极大地提高了应用系统的安全性。 With the fast development of information construction in the army,more and more units have been using OA system.OA can improve the work efficiency while it also has some security problem.This paper describes a typical workflow of OA and analyzes the vulnerabilities in it,and then implements a security-enhanced system on OA application.The security-enhanced system is transparent to the application and does not affect the efficiency of it.Utilizing identity authentication and MAC in the OS kernel,the security-enhanced system can guarantee the security of application fundamentally.
作者 蔡谊 刘东生
机构地区 西三环中路
出处 《舰船电子工程》 2012年第1期69-71,94,共4页 Ship Electronic Engineering
关键词 办公自动化 公文流转 身份认证 强制访问控制 OA workflow identity authentication MAC
分类号 TP311 [自动化与计算机技术—计算机软件与理论]
  • 相关文献

参考文献10

  • 1沈昌祥.基于积极防御的安全保障框架[J].中国信息导报,2003(10):50-51. 被引量:22
  • 2D. Baker. Building Upon Sand[J]. Proceedings of the New Se- curity Paradigms Workshop, 1996 : 25-27. 被引量:1
  • 3Peter A. Loscocco, Stephen D. Smalley, Patrick A. Muekel bauer, et al. The Inevitability Of Failure: The Flawed As- sumption of Security in Modern Computing Environment[C]// Proceedings oI the 2]st National Information Systems Security Conference, 1998 : 303-314. 被引量:1
  • 4沈昌祥.关于加强信息安全保障体系的思考[J].信息安全与通信保密,2002,24(12):11-14. 被引量:12
  • 5D.E. Bell, L.J.I.aPadula. Secure Computer System: Mathe- matical Foundation[EB/OL]. http://citeseer, ist. psu. edu/ 548063. html, 2002,6. 被引量:1
  • 6M. Abrams, L. Lapadula, K. Eggers, et al. A Generalized Framework for Access Control: an Informal Description[C]// Proceedings of the 13h National Computer Security Confer- ence,1990:134-143. 被引量:1
  • 7蔡谊,郑志蓉,沈昌祥.基于多级安全策略的二维标识模型[J].计算机学报,2004,27(5):619-624. 被引量:28
  • 8S. Jajodia, P. Samarati, V. Subrahmanian, et al. A Unified Framework for Enforcing Multiple Access Control Policies [C]//Proceedings of SIGMOD, 1997: 474-485. 被引量:1
  • 9Ray Spencer, Stephen Smalley, Peter Loscacco Flask Security Architecture: System Support for Diverse Secu- rity Policies[C]//Pruceedings of the 8th USENIX Security Symposium, 1999 : 242-247. 被引量:1
  • 10Chirs Wright, Crispin Cowan, et ai. Linux Security Module Framework[J]. Proceedings of the 2002 Ottawa Linux Sym- posium, 2002 : 303-314. 被引量:1

二级参考文献4

  • 1Bell D.E., Lapadula L.J.. Secure computer systems. Mitre Corporation, Bedford, MA, USA: Technical Report MTR-2547 (Vol Ⅰ-Ⅲ), 1973 被引量:1
  • 2Biba K.J.. Integrity considerations for secure computer systems. Mitre Corporation, Bedford, MA, USA: Technical Report MTR-3153, 1977 被引量:1
  • 3Di Vito Ben L., Palmquist P.H., Anderson E.R., Johnston M.L.. Specification and verification of the ASOS kernel. In: Proceedings of the 1990 IEEE Computer Society Symposium on Research in Security and Privacy, Oakland, California, 1990, 61~74 被引量:1
  • 4Waldhart N.A.. The army secure operating system. In: Proceedings of the 1990 IEEE Computer Society Symposium on Research in Security and Privacy, Oakland, California, 1990, 50~60 被引量:1

共引文献58

舰船电子工程
2012年 第1期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部