%0 Journal Article
%T Trust Degree Based Multilevel Security Policy and Its Model of State Machine<br>基于可信级别的多级安全策略及其状态机模型
%A XIE Jun
%A XU Feng
%A HUANG Hao
%A <br>谢钧
%A 许峰
%A 黄皓
%J 软件学报
%D 2004
%I 
%X MLS (multilevel security) is being widely applied in many security critical systems, but it cant implement many important security policies such as channel-control. In this paper, the concept of trust degree is introduced into the MLS to implement policies like channel-control conveniently. An access control state machine model which enforces the trust degree based multilevel security policy is established, and is proved to be secure for this policy. It is also proved that this model can enforce all static information flow policies. An extension of the model is also offered to support the dynamic change of storage objects?security labels. The model avoids the disadvantage of MLS?not being able to resolve the problem of secure downgrading and not taking integrity into consideration, and at the same time it retains the advantage of easy understanding and use enjoyed by the traditional classified policy models.
%K security policy
%K multilevel security
%K access control model
%K information flow model<br>安全策略
%K 多级安全
%K 访问控制模型
%K 信息流模型
%U http://www.alljournals.cn/get_abstract_url.aspx?pcid=5B3AB970F71A803DEACDC0559115BFCF0A068CD97DD29835&cid=8240383F08CE46C8B05036380D75B607&jid=7735F413D429542E610B3D6AC0D5EC59&aid=96B3BA6A77BBA9E9&yid=D0E58B75BFD8E51C&vid=23CCDDCD68FFCC2F&iid=708DD6B15D2464E8&sid=19519743553AEE80&eid=387FB6C3BA4B6547&journal_id=1000-9825&journal_name=软件学报&referenced_num=6&reference_num=8