计算机研究与发展
計算機研究與髮展
계산궤연구여발전
JOURNAL OF COMPUTER RESEARCH AND DEVELOPMENT
2010年
3期
508-514
,共7页
范艳芳%韩臻%曹香港%何永忠
範豔芳%韓臻%曹香港%何永忠
범염방%한진%조향항%하영충
多级安全模型%访问控制%降密%解密%保密期限
多級安全模型%訪問控製%降密%解密%保密期限
다급안전모형%방문공제%강밀%해밀%보밀기한
multilevel security model%access control%downgrade%declassify%confidentiality period
BLP模型是军事安全领域中的经典模型,已有研究成果未考虑客体的保密期限.实际上,在承载秘密的客体的生命周期中,其保存的秘密具有一定时效性.超过了保密期限,客体的安全等级应进行调整.提出一种基于时间限制的多级安全模型,以BLP模型为基础,通过引入时间参数和检查函数,实现超过保密期限客体的降密或解密,解决目前普遍存在的安全等级只定不解、一定终身的问题;限制了可信主体的作用范围,减小了可信主体可能造成的危害;通过灵活的设置保密期限,在不泄漏秘密的情况下,允许高级别主体向低级别客体写入信息;改进了BLP模型的灵活性,扩展了其在密级电子文件管理方面的应用.通过不干扰原理对模型的安全性进行了证明.
BLP模型是軍事安全領域中的經典模型,已有研究成果未攷慮客體的保密期限.實際上,在承載祕密的客體的生命週期中,其保存的祕密具有一定時效性.超過瞭保密期限,客體的安全等級應進行調整.提齣一種基于時間限製的多級安全模型,以BLP模型為基礎,通過引入時間參數和檢查函數,實現超過保密期限客體的降密或解密,解決目前普遍存在的安全等級隻定不解、一定終身的問題;限製瞭可信主體的作用範圍,減小瞭可信主體可能造成的危害;通過靈活的設置保密期限,在不洩漏祕密的情況下,允許高級彆主體嚮低級彆客體寫入信息;改進瞭BLP模型的靈活性,擴展瞭其在密級電子文件管理方麵的應用.通過不榦擾原理對模型的安全性進行瞭證明.
BLP모형시군사안전영역중적경전모형,이유연구성과미고필객체적보밀기한.실제상,재승재비밀적객체적생명주기중,기보존적비밀구유일정시효성.초과료보밀기한,객체적안전등급응진행조정.제출일충기우시간한제적다급안전모형,이BLP모형위기출,통과인입시간삼수화검사함수,실현초과보밀기한객체적강밀혹해밀,해결목전보편존재적안전등급지정불해、일정종신적문제;한제료가신주체적작용범위,감소료가신주체가능조성적위해;통과령활적설치보밀기한,재불설루비밀적정황하,윤허고급별주체향저급별객체사입신식;개진료BLP모형적령활성,확전료기재밀급전자문건관리방면적응용.통과불간우원리대모형적안전성진행료증명.
Bell-Lapadula model (BLP) is a classic model which is broadly used in military security domain.Existing research results haven't taken into account the confidentiality period of the objects.In fact,the secrets preserved in objects have confidentiality period in the lifecycle of the objects.Exceeding the confidentiality period,the objects should be downgraded or declassified.In this paper,a multilevel security model based on the time limit is proposed.Through adding time parameters and checking functions to the BLP model,the objects can be downgraded or declassified when they exceed the confidentiality period.It solves the current problem of only setting the security level of the objects but keeping the security level of the objects unchanged for ever.The model restrains the usage ranges of trusted subjects,so the possible damage ranges induced by trusted subjects can be reduced.In the meantime,subjects with higher security level can write information to objects with lower security level through setting the confidentiality period of the objects flexibly without leaking high level secrets.This model improves the flexibility of the BLP model and expands the application in classified electronic file management.Through the noninterference theory,it is proved that the model meets multilevel security policy.