
Research On Multi-Level Security Technologies For Information System Classified Protection

Posted on: 2013-01-24
Degree: Doctor
Type: Dissertation
Country: China
Candidate: C Q Gao
GTID: 1118330362968710
Subject: Computer application technology

Abstract/Summary:
With the rapid development of informatization and computer networks, the fundamental, global and strategic role of basic information networks and critical information systems is increasingly significant. Basic information networks and critical information systems have become new and important strategic resources for the development of the nation and society. Securing basic information networks and critical information systems, and better safeguarding state security, public interests and social stability, is a major problem that urgently needs to be solved in current information technology development.

Information security classified protection is the basic system, basic strategy and basic approach for protecting national information security. The access control mechanism is the core of protecting sensitive information in information systems. Access control security models provide a theoretical basis for the access control mechanisms of information systems. In this dissertation, we focus on multi-level security technologies for information system classified protection and propose a series of improved models and technical solutions according to the technical standards GB17859-1999 and GB/T25070-2010, based on the architecture of "one center and triple protection". Our work not only has a certain theoretical significance, but also has important potential applications for solving the problems faced by information system classified protection.

Our main work and contributions are as follows:

1. To address the problem of protecting and sharing information in information systems with multi-level security, we first analyse the security requirements of information systems with multi-level security. Second, we extend the BLP model of the stand-alone computer system to the information system with multi-level security, give a new interpretation of subjects and objects in information systems, introduce the principle of need-to-share and the notion of the multi-level object, and develop a new multi-level security model of the information system for securely sharing information. Finally, we present the formal description of the security model, define the full set of access rules that apply to the system, and prove the security of the information system. The new security model allows information to be securely shared with the right users and protected from the wrong users, while maintaining the multi-level security of information systems.

2. To solve the issue that existing security models cannot combine confidentiality and integrity very well, we propose a new access control model which unites confidentiality and integrity. We then give the formal description of the model, define the security property of the model, and analyse the security of the model. The new model is based on the assumption that the confidentiality levels and integrity levels of subjects and objects are independent. Confidentiality and integrity are two different security attributes of the object itself and exist at the same time. When the security labels of the subject and object meet certain conditions, the model adjusts the confidentiality level or integrity level of the subject depending on the degree of importance of confidentiality and integrity in the object's security class. The new model resolves the question of the confidentiality and integrity of the information system to a certain extent.

3. Based on the architecture of "one center and triple protection", we first propose a multi-level security policy enforcement framework that extends the trusted computing base of the stand-alone computer system to the entire information system and forms a united security policy enforcement mechanism for the entire information system. Second, we establish a multi-level security policy model on the basis of the framework. The multi-level security policy model can implement access control and information flow control. Then, we define the policies which users, processes and devices in information systems need to follow when they exchange information. Finally, we present the formal description of the security policy model and prove the security of the model. The new security policy model allows trusted and untrusted computer systems and other data processing devices to connect to the information system with a single security management center, processes sensitive information with different classifications, and provides services for users with different security clearance levels.

4. Because unified, mature technology systems are lacking in the engineering practice and standards for information system classified protection, we first analyse the security requirements, design goals, and technical requirements of the fourth-class information system according to "Technical requirements of security design for information system classified protection". Then we introduce the design ideas of the secure protection environment in the fourth-class information system and fully discuss the multi-level security mechanism and implementation technology of the secure protection environment in the fourth-class information system. Finally, we develop technical solutions for the features related to multi-level security technology in the computing node subsystem, secure area boundary subsystem and security management subsystem, trying to provide a useful reference for the security construction of information system classified protection.
Keywords/Search Tags: security model, multi-level security, classified protection, information system, information system classified protection