摘要:
在高安全领域,XML文档中可能包含不同程度的敏感信息,需要受到强制访问控制策略的保护。为确保高敏感数据的完整性,在BLP模型的基础上对主体和客体的安全标签进行改进,提出EBLP模型,讨论在该模型下的安全标签分配问题,研究该模型的体系结构并给出XML文档的访问控制算法。
关键词:
可扩展标记语言,
安全标签,
强制访问控制,
EBLP模型,
访问控制
Abstract:
In the high security fields, XML documents may include information at different levels of sensitivity. It should be protected by Mandatory Access Control(MAC) policy. In order to maintain the integrality of data at high levels of sensitivity, the security labels of subjects and objects are improved. An extended MAC model called EBLP is proposed on the basis of BLP model. Security label assignment are discussed. The architecture and the access control arithmetic used to implement the fine-grained EBLP model are discussed.
Key words:
eXtensible Markup Language(XML),
security label,
Mandatory Access Control(MAC),
EBLP model,
access control
中图分类号:
叶春晓, 尉法文. 基于BLP模型的XML访问控制研究[J]. 计算机工程, 2011, 37(14): 123-124.
XIE Chun-Xiao, WEI Fa-Wen. Research on XML Access Control Based on BLP Model[J]. Computer Engineering, 2011, 37(14): 123-124.