北京邮电大学学报

  • EI核心期刊

北京邮电大学学报 ›› 2009, Vol. 32 ›› Issue (3): 73-76.doi: 10.13190/jbupt.200903.73.leixf

• 论文 • 上一篇    下一篇

Chinese-Wall模型在开放综合安全模型中的实现

雷新锋 刘军 肖军模   

  1. 解放军理工大学通信工程学院
  • 收稿日期:2008-05-13 修回日期:2009-01-19 出版日期:2009-06-28 发布日期:2009-06-28
  • 通讯作者: 雷新锋

Implement of Chinese-Wall Model Based on an Open Synthetical Security Model

LEI Xin-Feng   

  • Received:2008-05-13 Revised:2009-01-19 Online:2009-06-28 Published:2009-06-28
  • Contact: LEI Xin-Feng

摘要:

Chinese Wall模型体现了随系统运行而不断改变的动态安全策略,但使用范围有限. 为了保持安全模型在适应不同领域的同时能够体现动态安全策略,基于一种开放的综合安全模型(OSSM),提出Chinese Wall模型的实现方法.该方法通过构造动态累加角色,记录必要的访问历史,然后结合历史访问及安全策略对当前访问请求作出决策,以体现策略的动态性.实现结果表明,该方法在保持模型综合性的同时,提高了其灵活性.

关键词: 信息安全, Chinese Wall模型, 开放综合安全模型, 动态安全策略

Abstract:

Chinese Wall model can express the dynamic security policy which keeps changing at runtime, but it can only applied in a limited area. To make the model can express the dynamic policy and applied to a extensive area as well, based on an open synthetical security model(OSSM), an implement method of Chinese Wall model is proposed. In this method, a dynamic accumulative role(DAR) is built to record the necessary historical access, and then, based on both the security policy and historical access, the response to the current access request is made to meet the dynamic of the policy. The result shows that this method improves the flexibility of security model and keeps its integration as well.

Key words: Information security, Chinese Wall model, open synthetical security model, dynamic security policy