J4 ›› 2011, Vol. 46 ›› Issue (9): 57-60.

• Articles • Previous Articles     Next Articles

Research on privilege control mechanism and modeling of  high level information system

CHEN Ya-sha1,3, ZHAO Yong2, LIU Yan2,  SHEN Chang-xiang2   

  1. 1.  Department of Electrical and Information Engineering, Naval University of Engineering, Wuhan 430033, Hubei, China;
    2. School of Computer, Beijing University of Technology, Beijing 100124, China; 3. State Key Laboratory of
    Information Security, Institute of Software, Chinese Academy of Science, Bijing 100049, China
  • Received:2011-06-16 Online:2011-09-20 Published:2011-09-08


 In order to satisfy the least privilege requirement of high level information system,a mandatory access control model EPMM was proposed. The privilege of system is divided into three parts: system manager, security manager and audit manager, and none of the manager can destroy the whole system. Formal description for authorization division is presented, and the main theorems of EPMM were proven, so it can reduce the system loss caused by disabled users and abnormal operations.

Key words:  privilege management; formal description; security mode

No related articles found!
Full text



No Suggested Reading articles found!