权益分类	功能权益	普通用户	{{item.name}}会员
{{category.name}}	{{benefitItem.name}}

On Desing of Access Control for Database Systems

数据库系统访问控制的设计

基本信息

批准号：
07455163
负责人：
TSUJII Shigeo
金额：
$ 3.46万
依托单位：
Chuo University
依托单位国家：
日本
项目类别：
Grant-in-Aid for Scientific Research (B)
财政年份：
1995
资助国家：
日本
起止时间：
1995 至 1996
项目状态：
已结题

来源：
https://kaken.nii.ac.jp/grant/KAKENHI-PROJECT-07455163/
关键词：
data base access control information security 隠れチャンネル

项目摘要

To control the access right of users to data base systems concentrically is one of the approaches for solving to the problem. A systematic model for the approach is called the security model. Typical security models are a mandatory model of the Bell and LaPadula model (summarize BLP) and a discretionaly model using an access matrix. The BLP is defined security levels for information and users. An access right of users is controlled by comparing the security levels of the users and the information. Direction of the information flows are defined by the security levels.On the other haid, the discretionaly model using an access matrix an access matrix has an advantage to be able to look aroud information flows all over the users. But there is a problem that the indirect information flows are caused by writing any information to the other information, and consequently, confidentiality and integrity for the information are damaged. And if access right is changed, we have a further problem th … More at the access matrix which has been secure before changing access right is not secure. But reports of this type of research have apparently not been published to date.This research proposes a security model and reification method to detect the indirect information flows and to verify whether information is secure or not. For the security model proposed, a Hierarchical Time Petri Net (H-TPN), which is an extended not of the Hierarchical Petri Net, is defimed. The H-TPN is introduced time parameter and colored tokens in the Hierarchical Petri Net. The information flows in the access matrix are described by the paths on the H-TPN whose places describe users and information. The time parameter is defined in the transitions of the H-TPN.Colored tokens, which are divided into two types, are introduced to reduce complexity of toke'n propagation paths, The one type of the colored tokens describes information to be verified, the others describe information not to be verified. Operation rules between colored tokens are defined.In the proposed security model, we will show very interesting properties for the security with regard to the time. The properites are a condition to be secure till a certain time and a condition to be secure from a certain time to a certain future time. Less

集中控制用户对数据库系统的访问权限是解决这一问题的途径之一。这种方法的系统模型称为安全模型。典型的安全模型是Bell和LaPadula模型（简称BLP）的强制模型和使用访问矩阵的离散模型。BLP是为信息和用户定义的安全级别。通过比较用户和信息的安全级别来控制用户的访问权限。信息流的方向是由安全级别来定义的，另一方面，使用访问矩阵的离散模型具有能够查看所有用户的信息流的优点。但是存在的问题是，通过将任何信息写入其他信息而引起间接信息流，因此，信息的机密性和完整性受到损害。如果访问权限被更改，我们还有一个问题， ...更多信息在改变访问权之前已经安全的访问矩阵是不安全的。本研究提出一个安全模型与具体化方法，以侦测间接资讯流，并验证资讯是否安全。针对所提出的安全模型，定义了一种层次时间Petri网（H-TPN），它是层次Petri网的扩展。H-TPN是在层次Petri网中引入时间参数和有色标记的一种Petri网。访问矩阵中的信息流由H-TPN上的路径描述，其位置描述用户和信息。在H-TPN的变迁中定义了时间参数，并引入了两类有色令牌，以降低令牌传播路径的复杂度，一类有色令牌描述待验证信息，另一类有色令牌描述不待验证信息。在提出的安全模型中，我们将展示关于时间的安全性的非常有趣的性质。财产是在一定时间之前保持安全的条件，也是从一定时间到未来一定时间保持安全的条件。少