作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2007, Vol. 33 ›› Issue (13): 161-163,. doi: 10.3969/j.issn.1000-3428.2007.13.055

• 安全技术 • 上一篇    下一篇

基于证据的代码访问控制机制研究

谷 虤1,2,钱 江1,应明峰1,2   

  1. (1. 南京工业大学信息科学与工程学院,南京 210009;2. 金陵科技学院商学院,南京 210001)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2007-07-05 发布日期:2007-07-05

Research on Code Access Control Model Based on Evidence

GU Yan1,2 , QIANG Jiang1, YING Mingfeng1,2   

  1. (1. School of Information Science and Engineering, Nanjing University of Technology, Nanjing 210009; 2. School of Business, Jinling Institute of Technology, Nanjing 210001)
  • Received:1900-01-01 Revised:1900-01-01 Online:2007-07-05 Published:2007-07-05

摘要: 随着分布式计算的不断发展,传统的基于角色的安全性(RBAC)模型已无法满足分布式安全的要求,该文根据微软的代码访问安全性,归纳出基于证据的代码访问控制(EBCAC)模型和它的一种形式化描述,该模型能实现对系统更低层次的访问控制;提出了一种改进的基于证据的代码访问控制系统设计方案,给出了防止引诱攻击的实例。

关键词: 分布式网络安全, 访问控制, 引诱攻击

Abstract: With the development of the distributed computing, traditional role-based access control model doesn’t meet the demand of distributed computing security any more. An evidence-based code access control(EBCAC) model, which can provide the lower access control of system security, is generalized from code access control of Microsoft in this paper. It gives a formalized description and describes an improved system architecture based on it. It also discusses how to implement and gives an instance of EBCAC model.

Key words: distributed network security, access control, luring attack

中图分类号: