摘要
随着信息技术的加速发展和Internet的广泛应用 ,数据库管理系统的使用越来越普遍。如何防护数据库不致受破坏性攻击 ,信息系统数据不被侵害或窃取 ,已日益为人们所关注。本文建立了一个基于强制性策略安全模型 (MSM)。首先讨论一种基于自行处理策略[1 ] 的安全数据库模型实例 ;通过宏观定义和具体描述 ,确定系统行为方式 ;更进一步 ,验证该模型某些具体功能特性 ,分析其安全漏洞 ,构造一种新型策略模型实例 (MSM) ;最后综合分析比较它们各自的优缺点以及安全可靠性。
This paper describes the construction of a security model based on the mandatory policy. It first discusses a secure database model based on the discretionary policy according to the main requirements, then establishes system behaviours by giving macroscopic definitions and specific descirptions. A careful study and analysis of the features and security leaks of this model leads to the construction of a mandatory security model (MSM).The result of the comparison between the two models shows that the mandatory security model has better security and greater reliability.
出处
《信息工程大学学报》
2001年第1期23-28,共6页
Journal of Information Engineering University
