摘要： 电子机构是解决自治主体间业务可信协同的一种开发框架，但其缺乏对信息流进行灵活控制的安全机制，可能会造成对机密信息的威胁。为此，在扩充电子机构语义的前提下，设计一种动态检测信息传递的安全模型。该模型根据强制访问控制的特点，依照级别标签来控制信息“不向下写”，对传输数据的安全级别进行单独赋值，确保电子机构中所有授权通信路径的安全。将该安全模型引入电子机构可有效防止信息的非授权泄露，提高机构的信息流安全性。

关键词: 电子机构, 访问控制, 信息流

Abstract: Electronic Institution(EI) as a development framework is good for developing dependable distributed collaboration. However, due to its lack of information flow control mechanism, the confidentiality of information may be threatened. By extending the semantics of electronic institution, this paper designs a security model that dynamically checks information transfer. As a result, all authorized communication paths are secure. The control process of the security model is illustrated via an example. The security model can prevent unauthorized information leakage and enhance securities of EI based systems.

Key words: Electronic Institution(EI), access control, information flow

中图分类号: 

• TP309