摘要: 为保证局域网环境下共享信息的机密性,提出一种基于BLP模型的局域网多级安全模型MLS-LAN。引入密级标定部件,标定动态信息资源的安全级别,利用接入认证部件和访问控制部件,定义接入认证、信息共享和通信关系控制等规则,由此实现多级信息资源的安全共享。理论分析结果表明,该模型可以对信息共享实施可靠的访问控制,提高了局域网信息共享的安全性。
关键词:
多级安全模型,
信息共享,
访问控制,
BLP模型,
网络安全,
信息密级标定
Abstract: In order to ensure the confidentiality of information sharing in Local Area Network(LAN), a multi-level security model for LAN based on BLP model named MLS-LAN is proposed. It estimates the security-level of dynamic information resources by introducing security-level calibration facility in LAN, and it uses access authentication facility and access control facility to define access authentication, information sharing and communication relationship control rules, so that secure sharing for multi-level information in LAN is realized. Theoretical results show the model can provide reliable access control to information sharing and enhance its security.
Key words:
multi-level security model,
information sharing,
access control,
BLP model,
network security,
information security-level calibration
中图分类号:
王浩, 陈泽茂, 谌双双. 一种面向局域网的多级安全模型[J]. 计算机工程, 2012, 38(21): 141-144.
WANG Gao, CHEN Ze-Mao, CHEN Shuang-Shuang. A Multi-level Security Model for Local Area Network[J]. Computer Engineering, 2012, 38(21): 141-144.