A New Application Security Framework Based on TCB Subsets
The security of application system is important for keeping the information system secure. It is necessary to make sure that the access control of application layer is reliable and effective. In order to achieve this purpose a new application security framework is proposed based on TCB subsets. In this framework,the reference monitors which are regarded as TCB subsets,are established respectively in both application layer and system layer according to the policy subsets. The two reference monitors are connected by secure pipeline,which ensures the access control mechanisms not to be tampered or bypassed. The features of secure pipeline and the process of access control are analyzed. This framework ensures the effectivity and reliability of access control mechanism of application layer.
application securyty TCB subset access control secure pipeline
Yong Li Jian Lin
Institute of Electronic Technology,PLA Information Engineering University,Zhengzhou 450004,China Institute of Computing Technology,Chinese Academy of Sciences,Beijing 100190,China
国际会议
南宁
英文
330-334
2010-12-10(万方平台首次上网日期,不代表论文的发表时间)