您的位置:山东大学 -> 科技期刊社 -> 《山东大学学报(理学版)》

J4 ›› 2011, Vol. 46 ›› Issue (9): 28-34.

• CTCIS 2011 会议 • 上一篇    下一篇

基于无干扰理论的安全保障方法

孙瑜1,陈亚莎2,张兴1,刘毅1   

  1. 1.北京工业大学计算机学院, 北京 100022; 2.海军工程大学信息与电气工程学院, 武汉 湖北 430033
  • 收稿日期:2011-05-21 出版日期:2011-09-20 发布日期:2011-09-08
  • 作者简介:孙瑜(1977- ),男,博士研究生,研究方向为安全操作系统和可信计算. Email: syking1@163.com
  • 基金资助:

    国家重点基础研究发展计划(“973”计划)项目(2007CB311100);国家高技术研究发展计划(863计划)项目(2009AA01Z437)

Security assurance method based on non-interference

SUN Yu1, CHEN Ya-sha2, ZHANG Xing1, LIU Yi1   

  1. 1. Computer Science Department, Beijing University of Technology, Beijing 100022, China;
    2. College of Information and Electrical Engineering, Naval University of Engineering, Wuhan 430033, Hubei, China
  • Received:2011-05-21 Online:2011-09-20 Published:2011-09-08

PDF (PC)

1798

摘要:

近年来,安全保障作为操作系统安全的一个重要方面越来越受到研究者的重视。对于高安全级别操作系统,体系结构层次的结构化是必须要达到的安全保障要求,是其区别于低安全级别系统的本质特征。本文首先分析了传统信息流模型在解决安全保障问题方面的不足,然后以传统无干扰模型为基础,研究了安全保障在其中的描述和体现,提出了能够满足引用监视器假设的结构化规则。其次,提出可信管道的概念,将其应用到无干扰模型的结构化保障中,并对模型的安全性进行了证明。最后,给出了一种基于可信管道的结构化信息流控制的实现方案。

关键词: 结构化;无干扰;进程;引用监视器;安全保障

Abstract:

In recent years, more and more researchers have taken attention to security assurance as an important aspect of operating system security. For high level secure operating system, structuration of architecture level must be met as security assurance requirements, which is the essential characteristics from the low level secure system. Firstly, the lacks of the traditional information flow model on solving the problem of security are analyzed, and the description and reflect of the security assurance in non-interference model are studied. Then structural rules are raised that can match reference monitor hypothesis. Secondly, the concept of the trusted pipeline is applied to the structural assurance of non-interference model, and security of the new model is proven. Finally, an implementation scheme of structured information flow control based on trusted pipeline is proposed.
 

Key words: structuration; non-interference; process; reference monitor; security assurance

No related articles found!
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
版权所有 © 2018 《山东大学学报(理学版)》编辑部 
地址: 山东省济南市山大南路27号山东大学中心校区(250100) 电话: +86-0531-88366917 E-mail: xblxb@sdu.edu.cn
本系统由北京玛格泰克科技发展有限公司设计开发