为解决跨域跨系统环境下的违规间接信息流问题,提出了一种联合访问控制模型.通过记录系统中的访问行为,构建跨系统的信息流图;在此基础上给出信息流图的安全性定理,定义系统的安全状态;通过制定安全规则,约束跨域跨系统环境中的访问行为.基于安全熵对模型的安全性进行分析和验证,验证结果表明了模型在间接信息流的安全防护能力方面优于传统模型.%To solve the problem of conflicting information flow in cross-domain or cross-systems information systems, an union access control model is proposed Firstly, the information flow graph is formed by recording the accesses in systems: Then, the security theorems of the information flow graph and security state of system are defined The access behaviors in cross-domains or cross-systems information systems are restricted by rules. Finally, the model's security are analyzed and validated based on security entropy, which indicates this model is better than others in the capability of indirect information flows protecting.
展开▼
