ISSN 1000-1239 CN 11-1777/TP

• Paper •

A Multilevel Security Model Based on Time Limit

Fan Yanfang, Han Zhen, Cao Xianggang, and He Yongzhong

1. (School of Computer and Information Technology, Beijing Jiaotong University, Beijing 100044) (plfyf@163.com)
• Publication date: 2010-03-15
• Online: 2010-03-15

Abstract: The Bell-LaPadula (BLP) model is a classic model that is widely used in the military security domain. Existing research has not taken the confidentiality period of objects into account. In fact, the secrets held in an object have a confidentiality period within the object's lifecycle; once that period is exceeded, the object should be downgraded or declassified. This paper proposes a multilevel security model based on a time limit. By adding time parameters and checking functions to the BLP model, objects can be downgraded or declassified when they exceed their confidentiality period. This solves the current problem that an object's security level is set once and then remains unchanged forever. The model restricts the range within which trusted subjects are used, which reduces the range of damage that trusted subjects can cause. At the same time, by flexibly setting the confidentiality period of objects, subjects with a higher security level can write information to objects with a lower security level without leaking high-level secrets. The model improves the flexibility of the BLP model and extends its application to classified electronic file management. Using noninterference theory, the model is proved to satisfy the multilevel security policy.
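The sketch below is an added illustration of the time-limit idea in the abstract and is not taken from the paper. It shows a BLP-style monitor whose checking function derives an object's effective label from the current time before the two BLP rules are applied. The level names, the `Obj` fields, and the choice that the period has ended once `now >= expires_at` are assumptions. The paper's formal model and its handling of trusted subjects are not reproduced.

```python
from dataclasses import dataclass
from enum import IntEnum


class Level(IntEnum):
    UNCLASSIFIED = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3


@dataclass(frozen=True)
class Obj:
    name: str
    level: Level        # label assigned when the object is created
    expires_at: int     # end of the confidentiality period (epoch seconds)
    level_after: Level  # label once the period has elapsed (assumed field)

    def __post_init__(self):
        # A time limit may only lower a label, never raise it.
        if self.level_after > self.level:
            raise ValueError("level_after must not exceed level")


def effective_level(obj: Obj, now: int) -> Level:
    """Checking function: the label the monitor enforces at time `now`."""
    return obj.level_after if now >= obj.expires_at else obj.level


def can_read(subject_level: Level, obj: Obj, now: int) -> bool:
    """Simple security property (no read up), on the effective label."""
    return subject_level >= effective_level(obj, now)


def can_write(subject_level: Level, obj: Obj, now: int) -> bool:
    """*-property (no write down), on the effective label."""
    return subject_level <= effective_level(obj, now)


if __name__ == "__main__":
    # Constructed sample: SECRET until t=1000, CONFIDENTIAL afterwards.
    plan = Obj("ops-plan", Level.SECRET, 1000, Level.CONFIDENTIAL)
    for now in (999, 1000):
        print(now, effective_level(plan, now).name,
              "CONFIDENTIAL subject may read:",
              can_read(Level.CONFIDENTIAL, plan, now))
```

Because both rules read the effective label, a SECRET subject that could write to the object during its confidentiality period is refused once the object is downgraded, so the expiry does not open a write-down path.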