An improved MLS policy model
2016 10th IEEE International Conference on Anti-counterfeiting, Security, and Identification (ASID)(2016)
摘要
Bell-LaPadula model is able to provide excellent protection for confidentiality, but is short of integrity policy. Moreover, its trusted subjects are endowed too much privilege to be conformed with the principle of least privilege. In order to resolve these problems, a new hybrid model called CIUSM is proposed, which takes Bell-LaPadula as the initial model. CIUSM organically absorbs ideas of well-formed transaction in Clark-Wilson model and domain separation in DTE model, which effectively remedy the loss of integrity policy and limit the accessible range of trusted subjects. Finally, safety of CIUSM and Bell-LaPadula are quantitatively estimated and compared based on security entropy theory. Research shows that CIUSM has higher security strength than BLP, being able to meet security requirements for both confidentiality and integrity.
更多查看译文
关键词
Bell LaPadula,well-formed transaction,domain separation,security entropy,confidentiality,integrity
AI 理解论文
溯源树
样例
![](https://originalfileserver.aminer.cn/sys/aminer/pubs/mrt_preview.jpeg)
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要