ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development ›› 2015, Vol. 52 ›› Issue (10): 2411-2421.doi: 10.7544/issn1000-1239.2015.20150574

Special Issue: 2015网络安全与隐私保护研究进展

Previous Articles     Next Articles

Collaboration Supported Mandatory Access Control Model

Fan Yanfang1, Cai Ying1,2,3   

  1. 1(Computer School, Beijing Information Science & Technology University, Beijing 100101);2(State Key Laboratory of Information Security (Institute of Information Engineering, Chinese Academy of Sciences), Beijing 100093);3(Beijing Key Laboratory of Internet Culture and Digital Dissemination Research, Beijing 100101)
  • Online:2015-10-01

Abstract: According to the national classified protection of information system, information systems whose levels are above three must provide mandatory access control and label. Due to rigid access control rules, existing mandatory access control models are difficult to satisfy the new requirements of collaborative environment. In this paper, we firstly analyze the requirements of access control in collaborative environment. Then, we propose the access control policies according to a very popular scenario. And then, we propose a mandatory access control model with collaboration supported and prove the security of the model by noninterference theory. At last, we compare this models with other related models, and use an application example to show the application of this model. In general, this model integrates task-centric access control with the subject-object-centric access control. The flexibility of the model is greatly enhanced and this model can be considered as an active access control model which is more perfect to be used in collaborative environment. Through controlling the security label of subjects and objects, the bi-directional information flow which is compliant with security policies is solved.

Key words: collaboration, mandatory access control, active security model, information flow, task

CLC Number: