Abstract:
To resolve the common problems that the hierarchy management and control of files is weak and coarse-grained by using traditional technology in file protection, combining the multi-dimensional and multistage application environments of files, a file classified protection model based on multi-dimensional label is proposed. It combines the static characteristics label with the dynamic confidentiality label organically and introduces the concept of domain label. The security of the model is proved. Analysis and application results show that access to files in different environments can be effectively controlled without influence of normal use, thus this model can ensure the security of files.
Key words:
file classified protection,
multi-dimensional label,
domain label,
access control,
Bell-Lapadula(BLP) model
摘要: 针对传统文件保护技术中普遍存在的分级管理差、管控粒度不细等问题,结合多维多密级的文件应用环境,提出基于多维标识的文件分级保护模型。该模型将静态特征标识和动态密级标识相结合,引入域标识的概念,并证明其安全性。经分析和应用表明,该模型能在不影响文件正常使用的基础上,使不同环境中的文件访问都能得到有效控制,从而保证文件的安全。
关键词:
文件分级保护,
多维标识,
域标识,
访问控制,
BLP模型
CLC Number:
BIAN Li, CHEN Xing-Yuan, HONG Yong-Wei. File Classified Protection Model Based on Multi-dimensional Label[J]. Computer Engineering, 2011, 37(13): 132-134,138.
边力, 陈性元, 汪永伟. 基于多维标识的文件分级保护模型[J]. 计算机工程, 2011, 37(13): 132-134,138.