摘要
经典的BLP模型是在计算机安全系统中实现多级安全性支持的基础,被视作基本安全公理 BLP模型采用"强制存取控制"和"自主存取控制"来实现其安全性 总结了BLP模型的"公理化描述"、"有限状态机模型描述"和"信息流的格模型描述"三种不同描述方法,分析了其BLP模型目前存在的安全缺陷主要是:安全级定义的不完备性、信息完整性缺陷、时域安全性缺陷和隐通道 在对BLP模型的改进中。
The classical BLP model is the base of multi-level system and is treated as a basic axiom within computer security. BLP model adopts MAC and DAC to implement its security characters. Three representation methods of BLP model:axiom representation, finite-state machine representation and information flow lattice model representation are summarized. It is found that four main defects in BLP model exist, that are, incompleteness of security level definition, disintegrality of information, defect of time domain security and defect of covert channel. BLDM and MBLP model are two influential improvements over BLP model.
出处
《江苏大学学报(自然科学版)》
EI
CAS
2004年第1期68-72,共5页
Journal of Jiangsu University:Natural Science Edition
基金
国家自然科学基金资助项目(60373069)
江苏省自然科学基金资助项目(BK200204)
