[1]张强 魏立峰.严格自主访问控制的研究与设计[J].计算机技术与发展,2012,(04):219-222.
 ZHANG Qiang,WEI Li-feng.Research and Design of Strict Discretionary Access Control[J].,2012,(04):219-222.
点击复制

严格自主访问控制的研究与设计()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
期数:
2012年04期
页码:
219-222
栏目:
安全与防范
出版日期:
1900-01-01

文章信息/Info

Title:
Research and Design of Strict Discretionary Access Control
文章编号:
1673-629X(2012)04-0219-04
作者:
张强 魏立峰
国防科学技术大学计算机学院
Author(s):
ZHANG QiangWEI Li-feng
School of Computer,National University of Defense Technology
关键词:
严格自主访问控制访问控制列表权能用户链表授权
Keywords:
strict discretionary access control(SDAC) access control list(ACL) capabilities user linked list authorization
分类号:
TP309.2
文献标志码:
A
摘要:
传统自主访问控制机制虽有授权自主性的优点,但是在实际使用中由于超级用户的存在,其权限过大,可不受自主访问控制的限制,用户不能确保对自身数据的绝对控制。针对这一问题,文中提出基于白名单用户链表的严格自主访问控制机制,在操作系统内核中维护一个实施严格自主访问控制的白名单用户链表,由用户自主决定是否需要以及哪些文件需要进行严格的自主访问控制,实现了真正意义上的用户自主决定权,使得属主用户能够对文件的访问授权做到完全控制
Abstract:
Although the traditional Discretionary Access Control(DAC) Mechanism has an advantage that a subject can discretionarily decide who can access his own object,the super-user in Linux is unrestricted because of its full privilege.To address the problem,a new mechanism called Strict Discretionary Access Control(SDAC) based on the white user linked list is proposed.User can decide whether it can be implemented or not and which files need to be strictly protected by a white user linked list for users who carry on strict access control in operating system kernel.This mechanism can implement that the file owner could completely control the access authorization of the file;Consequentially,any other users including the privilege-user cannot access files if they are not allowed

相似文献/References:

[1]潘文婵 章韵.路由器访问控制列表在网络安全中的应用[J].计算机技术与发展,2010,(08):159.
 PAN Wen-chan,ZHANG Yun.Application of Access Control List on Router in Network Security[J].,2010,(04):159.
[2]杨梅 杨平利 宫殿庆.ACL技术研究及应用[J].计算机技术与发展,2011,(06):145.
 YANG Mei,YANG Ping-li,GONG Dian-qing.Access Control List Technology Studying and Application[J].,2011,(04):145.

备注/Memo

备注/Memo:
国家核高基项目(2010ZX01045-001-002-5)张强(1986-),男,江苏南通人,硕士研究生,研究方向为信息安全;魏立峰,副研究员,博士,研究方向为信息安全、系统软件
更新日期/Last Update: 1900-01-01