计算机网络中的多级安全模型

IEEE INFOCOM '88,Seventh Annual Joint Conference of the IEEE Computer and Communcations Societies. Networks: Evolution or Revolution? Pub Date : 1988-03-27 DOI:10.1109/INFCOM.1988.13028

W. Lu, M. Sundareshan

{"title":"计算机网络中的多级安全模型","authors":"W. Lu, M. Sundareshan","doi":"10.1109/INFCOM.1988.13028","DOIUrl":null,"url":null,"abstract":"A model which precisely describes the mechanism that enforces the security policy and requirements for a multilevel secure network is described. This mechanism attempts to ensure secure flow of information between entities assigned to different security classes in different computer systems connected to the network. The mechanism also controls the access to the network devices by the subjects (users and processes executed on behalf of the users) with different security clearances. The model integrates the notions of access control and information flow control to provide a trusted network base that imposes appropriate restrictions on the flow of information among the various devices. Utilizing simple set-theoretic concepts, a procedure is given to verify the security of a network that implements the present model.<<ETX>>","PeriodicalId":436217,"journal":{"name":"IEEE INFOCOM '88,Seventh Annual Joint Conference of the IEEE Computer and Communcations Societies. Networks: Evolution or Revolution?","volume":"10 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1988-03-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"43","resultStr":"{\"title\":\"A model for multilevel security in computer networks\",\"authors\":\"W. Lu, M. Sundareshan\",\"doi\":\"10.1109/INFCOM.1988.13028\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"A model which precisely describes the mechanism that enforces the security policy and requirements for a multilevel secure network is described. This mechanism attempts to ensure secure flow of information between entities assigned to different security classes in different computer systems connected to the network. The mechanism also controls the access to the network devices by the subjects (users and processes executed on behalf of the users) with different security clearances. The model integrates the notions of access control and information flow control to provide a trusted network base that imposes appropriate restrictions on the flow of information among the various devices. Utilizing simple set-theoretic concepts, a procedure is given to verify the security of a network that implements the present model.<<ETX>>\",\"PeriodicalId\":436217,\"journal\":{\"name\":\"IEEE INFOCOM '88,Seventh Annual Joint Conference of the IEEE Computer and Communcations Societies. Networks: Evolution or Revolution?\",\"volume\":\"10 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1988-03-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"43\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE INFOCOM '88,Seventh Annual Joint Conference of the IEEE Computer and Communcations Societies. Networks: Evolution or Revolution?\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/INFCOM.1988.13028\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE INFOCOM '88,Seventh Annual Joint Conference of the IEEE Computer and Communcations Societies. Networks: Evolution or Revolution?","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/INFCOM.1988.13028","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 43

摘要

描述了一个模型，该模型精确地描述了多级安全网络的安全策略和需求的实施机制。该机制试图确保在连接到网络的不同计算机系统中分配到不同安全级别的实体之间的信息流的安全性。该机制还控制具有不同安全权限的主体(代表用户执行的用户和进程)对网络设备的访问。该模型集成了访问控制和信息流控制的概念，以提供一个可信的网络基础，对各种设备之间的信息流施加适当的限制。利用简单的集合论概念，给出了一个验证实现该模型的网络安全性的过程

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A model for multilevel security in computer networks

A model which precisely describes the mechanism that enforces the security policy and requirements for a multilevel secure network is described. This mechanism attempts to ensure secure flow of information between entities assigned to different security classes in different computer systems connected to the network. The mechanism also controls the access to the network devices by the subjects (users and processes executed on behalf of the users) with different security clearances. The model integrates the notions of access control and information flow control to provide a trusted network base that imposes appropriate restrictions on the flow of information among the various devices. Utilizing simple set-theoretic concepts, a procedure is given to verify the security of a network that implements the present model.<>

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IEEE INFOCOM '88,Seventh Annual Joint Conference of the IEEE Computer and Communcations Societies. Networks: Evolution or Revolution?

自引率

0.00%

发文量