Research on permission revocation in dynamic security policies

Journal of Computer Applications ›› 2009, Vol. 29 ›› Issue (07): 1809-1812.

• Pattern recognition and Software • Previous Articles Next Articles

Research on permission revocation in dynamic security policies

Received:2009-01-15 Revised:2009-03-06 Online:2009-07-01 Published:2009-07-01

动态安全策略的权限撤销研究

王涛,曾庆凯

南京大学计算机软件新技术国家重点实验室；南京大学计算机科学与技术系

通讯作者: 王涛
基金资助:
国家级基金

Abstract

Abstract:

In this paper a revocation mechanism based on VTC and in-progress cross list was presented. The revocation is implemented by checking the validation and the timestamp of permissions and a two-way searching on the in-progress cross list on L4 microkernel. Experimental results show that the mechanism is effective and only increases approximately 1% system overhead.

摘要：

在分析以往安全操作系统中权限撤销机制的基础上，提出一种基于VTC和inprogress 交叉链表的权限撤销机制。该机制通过对权限有效性、时效性检查以及inprogress权限双向搜索实现权限撤销，并在基于L4微内核的原型系统中得以实现。实验表明，该撤销机制增加了1%左右的系统性能损耗。

关键词: 安全操作系统;动态安全策略;权限撤销

CLC Number:

TP309

王涛曾庆凯. 动态安全策略的权限撤销研究[J]. 计算机应用, 2009, 29(07): 1809-1812.

[1]	YANG Qiong YU Lifeng. Continuous queries attacking algorithms of location based service [J]. Journal of Computer Applications, 2014, 34(1): 95-98.
[2]	ZHOU Zhiping ZHUANG Xuebo. Node identity authentication scheme for clustered WSNs based on P-ECC and congruence equation [J]. Journal of Computer Applications, 2014, 34(1): 104-107.
[3]	GAO Haibo DENG Xiaohong CHEN Zhigang. Medical Image Privacy Protection Scheme Based on Reversible Visible Watermarking [J]. Journal of Computer Applications, 2014, 34(1): 119-123.
[4]	FAN Chang RU Peng. Nonlinear once time once password (t,n) threshold secret sharing scheme [J]. Journal of Computer Applications, 2013, 33(09): 2536-2539.
[5]	MA Anjun LI Fangwei ZHU Jiang. Linear collusion attack analysis of combined public key cryptosystem [J]. Journal of Computer Applications, 2013, 33(08): 2225-2227.
[6]	MAO Kun DU Xuehui SUN Yi. Multiple-dimension process behavior evaluation model and its optimization [J]. Journal of Computer Applications, 2013, 33(08): 2244-2249.
[7]	LIU Tao XIONG Yan HUANG Wenchao LU Qiwei GONG Xudong. Node behavior and identity-based trusted authentication in wireless sensor networks [J]. Journal of Computer Applications, 2013, 33(07): 1842-1845.
[8]	CHEN Shanshan. Trust model based on weight factor in P2P network [J]. Journal of Computer Applications, 2013, 33(06): 1612-1614.
[9]	FANG Hai ZHOU Quan. Multilevel reversible information hiding algorithm for multispectral images [J]. Journal of Computer Applications, 2013, 33(06): 1622-1645.
[10]	XU Kaiyong FANG Ming YANG Tianchi MENG Fanwei HUANG Huixin. Value-at-risk quantitative method about password chip under differential power analysis attacks [J]. Journal of Computer Applications, 2013, 33(06): 1642-1645.
[11]	CHEN Yongqiang FU Yu WU Xiaoping. Active defense strategy selection based on non-zero-sum attack-defense game model [J]. Journal of Computer Applications, 2013, 33(05): 1347-1352.
[12]	LIU Kui LIANG Xiangqian LI Xiaolin. Concurrent signature scheme constructed by identity-based ring signcryption [J]. Journal of Computer Applications, 2013, 33(05): 1386-1390.
[13]	ZHAO Yanli WANG Xing. Steganalysis of JPEG images based on bilateral transition probability matrix [J]. Journal of Computer Applications, 2013, 33(04): 1074-1076.
[14]	HE Yuan TIAN Simei. Block encryption algorithm based on chaotic S-box for wireless sensor network [J]. Journal of Computer Applications, 2013, 33(04): 1081-1084.
[15]	HE Junjie SUN Fang QI Chuanda. Cryptanalysis and improvement of ID-based partially blind signature scheme [J]. Journal of Computer Applications, 2013, 33(03): 762-765.

Research on permission revocation in dynamic security policies

动态安全策略的权限撤销研究

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics