基于动态可信度量的敏感信息安全控制模型-《计算机技术与发展》

文章信息/Info

Title:: Secure Control Model of Sensitive Information Based on Dynamic Trust Measurement

Author(s):: FEI Jia-xuan; ZHANG Tao; LIN Wei-min; CHEN Ya-dong; ZENG Rong; Institute of Information and Communication, State Grid Electric Power Research Institute

Keywords:: multi-level security; security label ; trusted computing ; dynamic trust measurement; trust degree

摘要:: 随着信息技术的高速发展，计算机系统处理的敏感信息规模不断增长，确保敏感信息的安全变得非常重要。文中对传统的多级安全模型BLP模型进行了分析，指出其对敏感信息完整性保护不足的安全隐患。针对该安全隐患，文中设计了基于动态可信度量的敏感信息安全控制模型（DTMSISCM）并给出了其实现架构，DTMSISCM通过实施基于可信度的敏感信息安全控制，在维持和BLP模型相同保密性的基础上，保证了敏感数据的完整性，提高了系统敏感信息安全控制的可用性

Abstract:: With the rapid development of information technology, the size of sensitive information handled by computer systems is growing. To ensure the security of sensitive information becomes very important. In this paper,the traditional multi-level security model BLP model is analyzed and pointed out its lack of Integrity protection of sensitive information which is security risks. Against the security risks, a secure control model of sensitive information based on the dynamic trust measurement （DTMSISCM） is designed in this paper and a framework for its implementation is also given. DTMSISCM implements sensitive information control through trust degree and it maintains the same confidentiality as BLP model. Furthermore,it can ensure the integrity of sensitive information and improve the system availability of sensitive information security controls