Cross domain reference monitor and its data-centered multilevel security model
LI Hongmin1*, WAN Pingguo2, GE Yang3
1.Institute of System Engineering, China Academy of Engineering Physics, Mianyang Sichuan 621900, China;
2.Center of International Information Strategy Studies, Beijing 100094, China;
3.Center of Defense and Industrial Security Clearance Accreditation, Beijing 100094, China
LI Hongmin WAN Pingguo GE Yang. Cross domain reference monitor and its data-centered multilevel security model[J]. Journal of Computer Applications, 2013, 33(03): 717-719.
[1]BELL D E, LAPADULA L J. Secure computer systems: unified exposition and multics interpretation [R]. Bedford: MITRE Corporation, 1976.[2]BELL D E. Looking back at the Bell-La Padula model, VA 20191 [R]. Bedford:[s.n.], 2005.[3]BELL D E. Looking back at the Bell-La Padula model[C]// ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference. Washington, DC: IEEE Computer Society, 2005:337-351.[4]MULLER E, GRANT T, POLL E. Multilevel security[EB/OL].[2010-12-10]. http://www.dodccrp.org/events/13th_iccrts_2008/CD/html/papers/124.pdf.[5]Security target for LSPP, CAPP, and RBACPP compliance[R/OL]. [2012-11-10]. http://wenku.it168.com/d_000442844.shtml.[6]LOSCOCCO P A, SMALLEY S D, MUCKELBAUER P A, et al. The inevitability of failure: the flawed assumption of security in modern computing environments[EB/OL]. [2012-10-10]. http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.76.6442.[7]RUSHBY J. Design and verification of secure systems[C]// Proceedings of the 8th ACM Symposium on Operating System Principles. New York: ACM Press, 1981:12-21.[8]卿斯汉. 高安全等级安全操作系统的隐蔽通道分析[J]. 软件学报, 2004, 15(12): 1837-1849.[9]一种无反馈单向传输的物理隔离方法:中国,ZL200610140541.x[P].2006-10-17.[10]ANDERSON J P. Computer security technology planning study, ESDTR-73-51[R]. Bedford: Air Force Electronic Systems Division, 1972.[11]KANG M H, MOSKOWITZ I S, LEE D C. A network version of the pump[C]// Proceedings of 1995 IEEE Symposium on Security and Privacy. Piscataway, NJ: IEEE Press, 1995:144-154.[12]KANG M H, MOSKOWITZ I S, CHINCHECK S. The pump: a decade of covert fun[C]// Proceedings of the 21st Annual Computer Security Applications Conference. Piscataway, NJ: IEEE Press, 2005:5-9.[13]信息技术产品安全测评报告[EB/OL]. [2010-12-10]. http://www.itsec.gov.cn/cpyzcgg/ggl26/.[14]Developing a CC EAL7 multi-level security capability [EB/OL].[2012-03-12]. http://www.commoncriteriaportal.org/iccc/7iccc/t1/t1210900.pdf.