多域环境的安全策略管理框架研究

Study on the Security Policy Management Frameworkin Multi-domain Environment

作者：罗万伯(四川大学计算机学院，四川成都 610064)；罗霄岚(Univ. of Maryland Biotechnology Institute,MD 20886,US)；陈炜(Univ. of Maryland Biotechnology Institute,MD 20886,US)

Author：(School of Computer,Sichuan Univ.，Chengdu 610064,China)；(Univ. of Maryland Biotechnology Inst.,MD 20886,US)；(Univ. of Maryland Biotechnology Inst.,MD 20886,US)

收稿日期：2005-06-20 年卷（期）页码：2006,38(2):114-117

期刊名称：工程科学与技术

Journal Name：Advanced Engineering Sciences

关键字：安全策略；安全策略管理框架；信息安全；自治域；多域

Key words：security policy;security policies management framework;information security; autonomous domain;multi-domain

基金项目：国家自然科学基金资助项目(10076011)

中文摘要

安全策略在信息安全及可信计算环境中具有十分重要的作用。为了在多域环境下一致地管理和实施安全策略，提出并设计了一个可扩展的、非集中式安全策略管理框架。它使用通用、精确和中立的安全策略规范语言来描述安全策略；对各种安全模型及其安全策略进行分析，抽象出策略语义；根据安全策略模型，实现不同域、不同安全实体和不同安全设施的安全策略之间的统一接口，以便管理和控制访问、授权、加密机制、机密性、完整性和可用性等。用Java实现了一个基本的安全策略管理框架。

英文摘要

The security policies play important roles in information security and trusted computing environments. An extensible and de centralized security policy management framework was proposed to manage security policies consistently in multi domain environments. Ｔhis framework employs a common, precise and neutral specification language of security policies to describe security policies， analyzes the security models and its policies to extract policy semantics, and builds a security policies model framework to perform a universal API to manage and control the access, authorization, cryptograph, confidentiality, integrity and availability among the policies of different domain, entities and facilities. A basic framework of security policies was implemented in Java language.

【关闭】

论文摘要

多域环境的安全策略管理框架研究

Study on the Security Policy Management Frameworkin Multi-domain Environment