In order to protect the confidentiality and integrity of the high security level information in XML documents, by improving security labels of objects, *-property and three conversion rules of security states, this paper proposes Integrity-enhanced BLP(IEBLP) model. Analysis result shows that it can satisfy the requirements of confidentiality and integrity of the information simultaneously, and realizes fine-grained Mandatory Access Control(MAC) in XML documents.%为满足XML文档中高安全等级信息机密性和完整性的保护需求,通过对BLP模型的客体安全标签、*-属性及3条安全状态转换规则进行改进,提出一种完整性增强的BLP(IEBLP)模型,分析结果证明,该模型能同时满足数据机密性和完整性要求,并能较好地在XML文档中实现细粒度的强制访问控制.
展开▼
