摘要
Bell&LaPadula (BLP)模型是实现安全操作系统多级安全性 (MLS)的基础 ,根据主体当前敏感标记对主体访问客体的请求作判断是BLP模型的关键 .本文讨论一个动态确定主体当前敏感标记的方案 ,首先 ,作为进一步探讨的基础 ,对BLP模型进行简要描述 ,接着 ,以BLP模型为基础构造所讨论的方案 ,最后 ,给出构成完整方案的限定条件 。
Bell and LaPadula (BLP) model is the ground for the implementation of multilevel security (MLS) in secure operating systems. The key spirit of BLP model is to make decision on subject's request to access objects according to subject's current sensitivity label. This paper discusses a scheme for the dynamic determination of subject's current sensitivity label. First, as the basis of further exploration, the BLP model is briefly described. Then, the scheme in question is constructed based on the BLP model. Finally, the qualifying condition for the scheme is presented and its necessity and correctness are demonstrated.
出处
《电子学报》
EI
CAS
CSCD
北大核心
2001年第8期1046-1049,共4页
Acta Electronica Sinica
基金
国家 8 63高科技项目 (No.863 30 6 ZD1 2 1 4 2 )
国家自然科学基金项目 (No .60 0 730 2 2 )
中国科学院知识创新工程项目 (No
关键词
计算机安全
安全操作系统
安全模型
敏感标记
Computer operating systems
Labels
Mathematical models
Sensitivity analysis
