Information aggregation leakage proof model based on assignment partition

doi:10.3724/SP.J.1087.2013.00408

Journal of Computer Applications ›› 2013, Vol. 33 ›› Issue (02): 408-416.DOI: 10.3724/SP.J.1087.2013.00408

• Information security • Previous Articles Next Articles

Information aggregation leakage proof model based on assignment partition

XIE Wenchong¹,²,YANG Yingjie¹,²,WANG Yongwei¹,²,DAI Xiangdong¹,²

1. Henan Province Key Laboratory of Information Security (Information Engineering University), Zhengzhou Henan 450004, China
2. Information Engineering University, Zhengzhou Henan 450004, China

Received:2012-08-27 Revised:2012-10-16 Online:2013-02-01 Published:2013-02-25
Contact: XIE Wenchong

基于任务划分的防信息聚合泄密模型

解文冲¹,²,杨英杰¹,²,汪永伟¹,²,代向东¹,²

1. 河南省信息安全重点实验室(信息工程大学)，郑州 450004
2. 信息工程大学，郑州 450004

通讯作者: 解文冲
作者简介:解文冲(1987-)，男，山东青岛人，硕士研究生，主要研究方向：信息安全;
杨英杰(1971-)，男，河南郑州人，副教授，博士，主要研究方向：信息安全;
汪永伟(1977-)，男，河南郑州人，讲师，博士研究生，主要研究方向：访问控制、态势感知;
代向东(1977-)，男，四川仁寿人，讲师，硕士，主要研究方向：安全策略管理。
基金资助:
国家973计划项目

Abstract

Abstract: To solve the problems existing in BLP (Bell-LaPadula) model, such as information aggregation leakage, excessive privileges of trusted subject and the deficiency of integrity, with reference to the application requirement of hierarchical file protection, an information aggregation leakage proof model named IALP (Information Aggregation Leakage Proof) was proposed based on assignment partition. First of all, the cause of information aggregation leakage and the current research situation were discussed. Secondly, on the basis of assignments partition, the knowledgeable degree of subject and the information weight of object were quantized, and the relatively trusted subject was proposed. Security axioms and state transition rules were given. Finally, the theoretical proof, application examples and analysis indicate that IALP can control the knowable degree of the subject towards the object set with the aggregation leakage relation, and limits the privilege of trusted subject and enhances the integrity to some extent.

Key words: hierarchical file protection, Bell-LaPadula (BLP) model, information aggregation, trusted subject, integrity

摘要： 针对BLP模型中存在的信息聚合泄密、可信主体权限过大以及模型完整性缺失的问题，结合文件分级保护的需求，提出了基于任务划分的防信息聚合泄密模型IALP。首先，探讨了信息聚合形成的原因及研究现状;然后，以任务划分为基础，对主体的信息可知度及客体所占信息权重进行量化，提出了相对可信主体的概念，给出了模型安全公理和状态转换规则。最后，经理论证明、应用举例和分析表明，该模型能够控制主体对具有聚合泄密关系的客体集合的可知程度，并在一定程度上限制可信主体权限以及增强完整性。

关键词: 文件分级保护, Bell-LaPadula (BLP)模型, 信息聚合, 可信主体, 完整性

CLC Number:

TP309.2

XIE Wenchong YANG Yingjie WANG Yongwei DAI Xiangdong. Information aggregation leakage proof model based on assignment partition[J]. Journal of Computer Applications, 2013, 33(02): 408-416.

解文冲杨英杰汪永伟代向东. 基于任务划分的防信息聚合泄密模型[J]. 计算机应用, 2013, 33(02): 408-416.

[1]	QING Xinyi, CHEN Yuling, ZHOU Zhengqiang, TU Yuanchao, LI Tao. Blockchain storage expansion model based on Chinese remainder theorem [J]. Journal of Computer Applications, 2021, 41(7): 1977-1982.
[2]	GAO Haoyu, LI Leixiao, LIN Hao, LI Jie, DENG Dan, LI Shaoxu. Research and application progress of blockchain in area of data integrity protection [J]. Journal of Computer Applications, 2021, 41(3): 745-755.
[3]	LI Xiuyan, LIU Mingxi, SHI Wenbo, DONG Guofang. Efficient dynamic data audit scheme for resource-constrained users [J]. Journal of Computer Applications, 2021, 41(2): 422-432.
[4]	XU Zhoubo, LI Zhen, LIU Huadong, LI Ping. Subgraph isomorphism matching algorithm based on neighbor information aggregation [J]. Journal of Computer Applications, 2021, 41(1): 43-47.
[5]	WEN Jing, LI Zhihong. Monocular image depth estimation method based on ResNeXt with squeeze-and-excitation module [J]. Journal of Computer Applications, 2021, 41(1): 215-219.
[6]	LI Zhaobin, LIU Zeyi, WEI Zhanzhen, HAN Yu. Software defined network path security based on Hash chain [J]. Journal of Computer Applications, 2019, 39(5): 1368-1373.
[7]	LU Zicong, XU Kaiyong, GUO Song, XIAO Jingxu. Dynamic measurement of Android kernel based on ARM virtualization extension [J]. Journal of Computer Applications, 2018, 38(9): 2644-2649.
[8]	BAI Ping, ZHANG Wei, WANG Xu'an. Homomorphic MACs for arithmetic circuits on cloud environment [J]. Journal of Computer Applications, 2018, 38(9): 2543-2548.
[9]	BAI Ping, ZHANG Wei, LI Cong, WANG Xu'an. Verifiable ciphertext retrieval scheme with user revocation [J]. Journal of Computer Applications, 2018, 38(6): 1640-1643.
[10]	WANG Manman, SHU Yong'an. Energy consumption of WSN with multi-mobile sinks considering QoS [J]. Journal of Computer Applications, 2018, 38(3): 758-762.
[11]	XU Mingdi, GAO Yang, GAO Xueyuan, ZHANG Fan. Correspondence property-based platform configuration attestation [J]. Journal of Computer Applications, 2018, 38(2): 337-342.
[12]	CAI Mengjuan, CHEN Xingshu, JIN Xin, ZHAO Cheng, YIN Mingyong. Paging-measurement method for virtual machine process code based on hardware virtualization [J]. Journal of Computer Applications, 2018, 38(2): 305-309.
[13]	MIAO Junmin, FENG Chaosheng, LI Min, LIU Xia. Public auditing scheme of data integrity for public cloud [J]. Journal of Computer Applications, 2018, 38(10): 2892-2898.
[14]	ZHAO Cheng, CHEN Xingshu, JIN Xin. Virtual machine file integrity monitoring based on hardware virtualization [J]. Journal of Computer Applications, 2017, 37(2): 388-391.
[15]	ZHANG Xinpeng, XU Chunxiang, ZHANG Xinyan, SAI Wei, HAN Xingyang, LIU Guoping. Efficient public auditing scheme for cloud storage supporting user revocability with proxy re-signature scheme [J]. Journal of Computer Applications, 2016, 36(7): 1816-1821.

Information aggregation leakage proof model based on assignment partition

基于任务划分的防信息聚合泄密模型

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics