摘要
数据库安全是当前信息安全研究的一个基础和难点,文章结合数据库的用户身份认证与自主访问控制研究,设计了LogicSQL多级安全模型。该模型把安全级分为分层密级和非分层的范围组成的二元组形式;主要从安全标签、强制访问控制和可信体系结构方面进行讨论。鉴于多级安全模型在高安全数据库系统中的重要作用,在自行开发的具有自主版权的数据库管理系统LogicSQL上实现了该模型,使其至少达到B1级别安全并在企业搜索与公安系统中得到应用。
Database security is a foundation and difficult point of information security research nowadays.The paper designed multilevel security model of LogicSQL database, which is based on User Identifier, Discretionary Access Control(DAC) of database.Multilevel security model requires that all users and resources are classified and assigned a security label, which is a combination of a hierarchical security level and non-hierarchical security categories.We discussed few aspects of LogicSQL multilevel security model,including LogicSQL Label, Mandatory Access Control(MAC) and Trusted system structure .Because multilevel security model plays an important role in highly secured database system.The model for an independent copyright database management system LogicSQL is implemented.The paper designed at least the B1 security model for LogicSQL database.The model is applied in enterprise search and police system.
出处
《微计算机信息》
2010年第9期156-158,共3页
Control & Automation
