Journal of Beijing University of Posts and Telecommunications

  • EI core journal

Journal of Beijing University of Posts and Telecommunications ›› 2012, Vol. 35 ›› Issue (5): 111-114. doi: 10.13190/jbupt.201205.111.fanyf

• Research Report •

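A Mandatory Access Control Model with Temporal and Spatial Constraints

FAN Yan-fang, CAI Ying, GENG Xiu-hua

  1. School of Computer, Beijing Information Science & Technology University
  2. State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences
  3. Department of Software Engineering, Beijing Information Technology College
  • Received: 2011-12-20 Revised: 2012-05-06 Publication date: 2012-10-28 Release date: 2012-07-06
  • Corresponding author: FAN Yan-fang E-mail: plfyf@163.com
  • About the author: FAN Yan-fang (1979-), female, lecturer, Ph.D., E-mail: plfyf@163.com
  • Funding:

    Open project of the Beijing Key Laboratory of Internet Culture and Digital Dissemination, Beijing Information Science & Technology University; open project of the State Key Laboratory of Information Security (Institute of Software, Chinese Academy of Sciences)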

A Mandatory Access Control Model with Temporal and Spatial Constraints

FAN Yan-fang, CAI Ying, GENG Xiu-hua

  1. School of Computer, Beijing Information Science & Technology University
  2. State Key Laboratory of Information Security, Institute of Software of Chinese Academy of Sciences
  3. Department of Software Engineering, Beijing Information Technology College
  • Received: 2011-12-20 Revised: 2012-05-06 Online: 2012-10-28 Published: 2012-07-06

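Abstract:

Traditional access control prevents unauthorized access to information by logical means and ignores the role of physical location, which leaves it open to address-spoofing attacks. Introducing location information into access control can provide better security. In mandatory access control, the security attributes of an object are closely tied to time, so an access control model should reflect how those attributes change over time. Building on the classic Bell-LaPadula model, a mandatory access control model with temporal and spatial constraints is proposed; it considers temporal and spatial constraints together and improves the security of the access control model while also making it more flexible.

Keywords: temporal and spatial constraints, mandatory access control, multi-level security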

Abstract:

Traditional access control restrains unauthorized access only by logical methods and ignores physical location, which leaves it vulnerable to address spoofing. Introducing spatial information into access control can provide better security. In a mandatory access control model, the security properties of objects are closely related to time, so the change in an object's security properties over time should be reflected in the access control model. Based on the classic Bell-LaPadula (BLP) model, a mandatory access control model with temporal and spatial constraints is proposed, in which both time constraints and space constraints are considered. Compared with the BLP model, the new model can provide better flexibility and security.

Key words: temporal and spatial constraints, mandatory access control, multi-level security
