作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2011, Vol. 37 ›› Issue (14): 123-124. doi: 10.3969/j.issn.1000-3428.2011.14.040

• 安全技术 • 上一篇    下一篇

基于BLP模型的XML访问控制研究

叶春晓,尉法文   

  1. (重庆大学计算机学院,重庆 400044)
  • 收稿日期:2011-03-09 出版日期:2011-07-20 发布日期:2011-07-20
  • 作者简介:叶春晓(1973-),男,教授、博士,主研方向:网络安全,数据库技术,软件工程;尉法文,硕士研究生
  • 基金资助:

    重庆市科委自然科学基金资助项目(CSTC,2008BB2320)

Research on XML Access Control Based on BLP Model

YE Chun-xiao, YU Fa-wen   

  1. (College of Computer Science, Chongqing University, Chongqing 400044, China)
  • Received:2011-03-09 Online:2011-07-20 Published:2011-07-20

摘要:

在高安全领域,XML文档中可能包含不同程度的敏感信息,需要受到强制访问控制策略的保护。为确保高敏感数据的完整性,在BLP模型的基础上对主体和客体的安全标签进行改进,提出EBLP模型,讨论在该模型下的安全标签分配问题,研究该模型的体系结构并给出XML文档的访问控制算法。

关键词: 可扩展标记语言, 安全标签, 强制访问控制, EBLP模型, 访问控制

Abstract:

In the high security fields, XML documents may include information at different levels of sensitivity. It should be protected by Mandatory Access Control(MAC) policy. In order to maintain the integrality of data at high levels of sensitivity, the security labels of subjects and objects are improved. An extended MAC model called EBLP is proposed on the basis of BLP model. Security label assignment are discussed. The architecture and the access control arithmetic used to implement the fine-grained EBLP model are discussed.

Key words: eXtensible Markup Language(XML), security label, Mandatory Access Control(MAC), EBLP model, access control

中图分类号: