摘要
为基于不可信计算机系统来构建一个可信的多级安全(MLS)大系统,提出一种新型的跨域引用监视器及其多级安全模型。该跨域引用监视器采用现有的商业现货(COTS)产品,使用一个或多个独立的计算机,在两个或多个不同的网络之间,通过满足EAL7的单向传输硬件装置来连接。基于该跨域监视器实现了以数据为中心的多级安全模型。该模型允许信息从低密级网络流向高密级网络,也允许高密级网络把低密级数据发布给低密级网络,禁止高密级网络的高密级信息和无密级标记信息流向低密级网络,并已在分级保护的网络系统中成功应用。通过安全模型和安全策略的形式化描述和证明表明,基于该安全模型构建可信MLS大系统是可行的。
A new cross domain reference monitor and Muhi-Level Security (MLS) model were proposed for a trusted MLS system. The model was based on Commercial Off-The-Shelf (COTS) products like commercial computers and security compliant hardware devices. System high networks were properly connected with reference validation computer by trusted one- way transfer devices (EALT) for data-centric MLS model. The model allowed information to flow from low domain to high domain, and allowed sanitization data with low label to flow from high domain to low domain, but data without low label were prohibited to flow from high domain to low domain. The model was applied to the information system of classification protection. Formal verification of security model and policy demonstrates it is feasible for a MLS system with COTS products and trusted hardware devices.
出处
《计算机应用》
CSCD
北大核心
2013年第3期717-719,742,共4页
journal of Computer Applications
关键词
多级安全
引用监视器
安全模型
跨域
分级保护
Muhi Level Security (MLS)
reference monitor
security model
cross domain
cascade protection
