通过RBAC和TE模型融合实现Clark-Wilson模型

doi:10.7523/j.issn.2095-6134.2010.4.016

中国科学院大学学报 ›› 2010, Vol. 27 ›› Issue (4): 538-546.DOI: 10.7523/j.issn.2095-6134.2010.4.016

通过RBAC和TE模型融合实现Clark-Wilson模型

袁春阳¹, 邓晨蕾²

1. 国家计算机网络应急技术处理协调中心,北京 100029;
2. 中国科学院研究生院,北京 100049

收稿日期:2009-11-18 修回日期:2010-03-04 发布日期:2010-07-15
通讯作者: 袁春阳
基金资助:
Supported by National 863 Hight-tech Research Development Program of China (2006AA01Z451, 2007AA010505, and 2009AA01Z432) 

Enforcement of Clark-Wilson model in combination of RBAC and TE models

YUAN Chun-Yang¹, DENG Chen-Lei²

1. Computer Network Emergency Response Technical Team/Coordination Center of China, Beijing 100029, China;
2. Graduate University, Chinese Academy of Sciences, Beijing 100049, China

Received:2009-11-18 Revised:2010-03-04 Published:2010-07-15
Supported by:
Supported by National 863 Hight-tech Research Development Program of China (2006AA01Z451, 2007AA010505, and 2009AA01Z432) 

摘要/Abstract

摘要：

提出通过融合RBAC和TE模型来实现Clark-Wilson模型的一种方法,即:通过不同用户赋予不同角色实现责任分立;利用特殊的域表示变换过程;使用不同的类型标识约束数据项和非约束数据项. 分析了实施和认证规则的正确性. 通过在SEBSD系统中实施了FTP的完整性安全策略的实例,说明该方法能够实现细粒度的访问控制和灵活配置.

关键词: 安全操作系统, Clark-Wilson模型, RBAC模型, TE模型

Abstract:

An approach to enforce Clark-Wilson model in the combination of RBAC and TE models is presented, namely: separation of duties is addressed by assigning different roles to different users; special domains are used for representing transformation procedures; and the constrained data items and unconstrained data items are labeled with different types. The correctness of the enforcement and certification rules is analyzed. A detailed case study of FTP integrity policy is implemented under SEBSD, and shows that the approach achieves fine-grained access control and flexible configuration.

Key words: secure operating system, Clark-Wilson, RBAC, type enforcement

中图分类号:

TP309

袁春阳, 邓晨蕾. 通过RBAC和TE模型融合实现Clark-Wilson模型[J]. 中国科学院大学学报, 2010, 27(4): 538-546.

YUAN Chun-Yang, DENG Chen-Lei. Enforcement of Clark-Wilson model in combination of RBAC and TE models[J]. , 2010, 27(4): 538-546.

参考文献

[1] Clark D D, Wilson D R. A comparison of commercial and military computer security policies //IEEE Symposium of Security and Privacy, 1987: 184-194.

[2] SELinux . . http://www.nsa.gov/research/selinux/index.shtml.

[3] Ferraiolo D, Kuhn R. Role-based access controls //Proceedings of the 15th National Computer Security Conference, October 1992.

[4] Sandhu R, Coyne E J, Feinstein H L, et al. Role-based access control model
[J]. IEEE Computer, 1996, 29(2): 38-47.

[5] Ferraiolo D F, Sandhu R, Gavrila S, et al. Proposed NIST standard for role-based access control
[J]. ACM Transactions on Information and Systems Security, 2001, 4(3): 1-51.

[6] Boebert W, Kain R. A practical alternative to hierarchical integrity policies //Proceedings of the Eighth National Computer Security Conference, 1985.

[7] Brien R O, Rogers C. Developing applications on LOCK //Proc. 14th National Computer Security Conference, Washington DC, 1991: 147-156.

[8] Badger L, Sterne D F, Sherman D L, et al. A domain and type enforcement UNIX prototype . Usenix Computing Systems, 1996, 9(1): 47-83.

[9] Tidswell J, Potter J. An approach to dynamic domain and type enforcement, Microsoft Research Institute, Department of Computing, Macquarie University, NSW, Australia, 2000.

[10] Hallyn S E, Kearns P. Domain and type enforcement for Linux . . http://www.cs.wm.edu/~kearns/001lab.d/projects.d/als2000.pdf.

[11] Lampson B. Protection . ACM Operating Sys Reviews, 1974, 8(1): 18-24.

[12] Gaverila S, Barkley J. Formal specification for rbac user/role and role relationship management //Proc of third ACM Workshop on Role based access control, 1998: 81-90.

[13] Kuhn R. Mutual exclusion as a means of implementing separation of duty requirements in role based access control systems //Proc of Second ACM Workshop on Role based access control, 1997.

[14] Liang B, Shi W C, Sun Y F, et al. An approach to enforcing Clark-Wilson model in role-based access control model
[J]. Chinese Journal of Electronics, 2004, 13(4): 596-599.

[15] Schneider F B. Enforceable security policies //ACM Transactions on Information and System Security, 2001.

[16] Source Forge Website. . http://sf.net.

[17] Spencer R, Smalley S, Loscocco P, et al. The flask security architecture: system support for diverse security policies //Proceedings of the 8th USENIX Security Symposium, Washington, DC, USA, 1999: 123-139.

[18] Vance C, Watson R. Security Enhanced BSD . TR of Network Associates Laboratories, 2003 . http://www.trustedbsd.org/sebsd.

[19] Smalley S. Configuring the SELinux Policy . TR of NSA. 2003 . http://www.nsa.gov/selinux.

[20] Shockley W. Implementing the clark/wilson integrity policy using current technology //Proceedings of NIST-NCSC National Computer Security Conference, 1998: 29-37.

[21] Lee T M P. Using mandatory integrity to enforce "commercial" security //IEEE Symposium on Security and Privacy. IEEE Computer Society Press, 1988: 140-146.

通过RBAC和TE模型融合实现Clark-Wilson模型

Enforcement of Clark-Wilson model in combination of RBAC and TE models

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 3

编辑推荐

Metrics

本文评价

访问统计

联系我们

[1]	袁春阳; 石文昌; 梁洪亮; 武延军; 商青华. 支持增强Linux安全性的多个安全策略模型的统一框架（英文）[J]. 中国科学院大学学报, 2006, 23(2): 205-212.
[2]	王富良, 贺也平, 李丽萍. 基于LSM框架的审计系统的设计与实现[J]. 中国科学院大学学报, 2005, 22(6): 707-711.
[3]	张相锋, 孙玉芳. 安全操作系统中用户账号的管理(英文)[J]. 中国科学院大学学报, 2004, 21(1): 95-100.