Journal of Beijing University of Posts and Telecommunications

  • EI核心期刊

JOURNAL OF BEIJING UNIVERSITY OF POSTS AND TELECOM ›› 2012, Vol. 35 ›› Issue (5): 111-114.doi: 10.13190/jbupt.201205.111.fanyf

• Reports • Previous Articles     Next Articles

A Mandatory Access Control Model with Temporal and Spatial Constraints

FAN Yan-fang, CAI Ying, GENG Xiu-hua   

  1. 1. School of Computer, Beijing Information Science & Technology University2. State Key Laboratory of Information Security, Institute of Software of Chinese Academy of Sciences3. Department of Software Engineering, Beijing Information Technology College
  • Received:2011-12-20 Revised:2012-05-06 Online:2012-10-28 Published:2012-07-06

Abstract:

Traditional access control restrains unauthorized access only by logical method, which is vulnerable to suffer from address spoofing because of ignoring physical location. It can provide better security through introducing spatial information into access control. Security properties of objects are closely related to time in mandatory access control model. Therefore, the change of objects security property over time should be reflected in access control model. Based on classic Bell-Lapadula model (BLP), a mandatory access control model with temporal and spatial constraints is proposed, in which both time constraints and space constraints are considered. Compared to BLP model, the new model can provide better flexibility and security.

Key words: temporal and spatial constraints, mandatory access control, multi-level security

CLC Number: