BLP Based Access Control Mechanism in Multi-level Network Systems
(1. School of Electronic, Information and Electrical Engineering, Shanghai Jiaotong University, Shanghai 200240, China; 2. Shanghai Key Laboratory of Information Security Synthesis Management Technique Research, Shanghai 200240, China; 3. Key Laboratory of Information Network Security, Ministry of Public Security, Shanghai 201204, China)
Abstract: An N-BLP model for network access control was proposed based on the traditional BLP model. The new model can control the communication behavior between subjects by defining network elements and constructing new state transition rules. The security of the model was validated using finite state machine theory. Further, an N-BLP access control prototype system based on the LSM architecture and the TCP/IP protocol was implemented. The results show that this system can exercise fine-grained control over connection establishment and data flow transmission, and guarantee the security of information exchange between multi-level network systems.
Received: 27 September 2011
Published: 28 September 2012