Aiming at the problem that application programs in the same application class are conflict of interests, furthermore, menaces the security of application program, such as information leakage and information unauthorized modification,this paper proposes a novel Application Program Protection Model based on Chinese Wall security policy. The novel model explicitly distinguishs the easily confused concept between“subject”and“user”and assign the sensitive label to entity based the lattice structure,. It contains of seven access control rules, and thus considers to equally protecting the confidentiality and integrity of information. Formally, it describes the basic elements and access control rules of the model, moreover, it discusses the application of the model in practice. This paper contributes on the researches on the protection of application program.% 针对当前系统中属于相同应用类中的应用程序产生利益冲突,可能威胁应用程序安全,包括信息泄露和信息未授权的修改。文章基于中国墙策略,提出了一个新的应用保护模型,该模型明确地区分了主体和用户的概念,并基于格的属性对于实体分配了敏感标记,通过七条访问控制规则,等同地考虑了信息的机密性和完整性保护。基于一阶谓词逻辑,形式化地描述了模型的基本元素及访问控制规则,进一步讨论了模型在实际中的应用。
展开▼
