作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2011, Vol. 37 ›› Issue (13): 132-134,138. doi: 10.3969/j.issn.1000-3428.2011.13.042

• 安全技术 • 上一篇    下一篇

基于多维标识的文件分级保护模型

边 力,陈性元,汪永伟   

  1. (解放军信息工程大学电子技术学院,郑州 450004)
  • 收稿日期:2011-01-24 出版日期:2011-07-05 发布日期:2011-07-05
  • 作者简介:边 力(1984-),男,硕士研究生,主研方向:信息安全,文件保护;陈性元,教授、博士生导师;汪永伟,讲师、博士研 究生
  • 基金资助:
    国家“863”计划基金资助项目(2009AA01Z438)

File Classified Protection Model Based on Multi-dimensional Label

BIAN Li, CHEN Xing-yuan, WANG Yong-wei   

  1. (Institute of Electronic Technology, PLA Information Engineering University, Zhengzhou 450004, China)
  • Received:2011-01-24 Online:2011-07-05 Published:2011-07-05

摘要: 针对传统文件保护技术中普遍存在的分级管理差、管控粒度不细等问题,结合多维多密级的文件应用环境,提出基于多维标识的文件分级保护模型。该模型将静态特征标识和动态密级标识相结合,引入域标识的概念,并证明其安全性。经分析和应用表明,该模型能在不影响文件正常使用的基础上,使不同环境中的文件访问都能得到有效控制,从而保证文件的安全。

关键词: 文件分级保护, 多维标识, 域标识, 访问控制, BLP模型

Abstract: To resolve the common problems that the hierarchy management and control of files is weak and coarse-grained by using traditional technology in file protection, combining the multi-dimensional and multistage application environments of files, a file classified protection model based on multi-dimensional label is proposed. It combines the static characteristics label with the dynamic confidentiality label organically and introduces the concept of domain label. The security of the model is proved. Analysis and application results show that access to files in different environments can be effectively controlled without influence of normal use, thus this model can ensure the security of files.

Key words: file classified protection, multi-dimensional label, domain label, access control, Bell-Lapadula(BLP) model

中图分类号: