The Multistage Interconnection Access Control Model Based On Information Flow Is Strong Constraint

According to the GB17859-1999, the information system can be divided into five classes.The strength of security policy and security mechanism in different classes increases from thefirst one, which is called “level protection”. It is considered as the basic rule of our informationsecurity. Access control is the basic and direct way of realizing the important informationresources protection, as well as the primary aspect of “level protection”. However, the currentaccess control model and method can not effectively solve such problems as the intrasystem andintersystem irregular indirect access, resulting in the serious indirect risk of informationrevelation. Therefore, against the background of Cross-Multi-Class information system, thispaper originates a series of access control models, which works in different classes andinterconnection modes. In addition, security entropy is put forward, based on which, the securityof the model is proved. Specifically, the main contents of this paper are as below:1. In order to solve the problem of security proof of access control in multi-class interconnection system,a security entropy-based quantitative analysis theory is proposed. Firstly, the policy security entropy is definedaccording to the weighted entropy in the information theory, and uncertainties calculate method is put forwardto determine the irregular access behaviors. Secondly, aiming at the direct violation, flow violation and indirectviolation, calculation method for security entropy are proposed respectively. Besides, weighs option method isgiven based on availability and confidentiality. Thirdly, based on the security entropy, the method ofdetermining the possibility of irregular access is presented. With the quantitative analysis of the typical accesscontrol model, the effectiveness of this method is verified, and the insufficient of the current model isindicated.2. Based on the security entropy theory, the subsystem security theorem in different classesand different interconnection modes in multi-class interconnection system is proposed. Firstly,class-protection is analyzed, the security conditions of two, three, and four-class subsystemunder non-interconnection mode are proposed in the form of security entropy, laying thefoundation for the security certification of the single subsystem state machine. Then, securityentropy is extended, and the concept of the united security entropy is proposed. Based on theunited security entropy theory, the security theorem of the multi-class access control system usedin different interconnection modes is presented, laying the theoretical foundation for the securitycertification of the multi-class interconnection access control model.3. The single-class access control model based on信息流强约束is put forward, and theproblem of intrasystem irregular indirect information stream is solved. Firstly, the method ofaccess security based on the information stream graph is raised. Then, based on the information stream graph, users’ indirect irregular accesses are strongly constrained. Secondly, thesingle-class subsystem state machine is modeled, as well as the system state, the state conversionrule, the auto machine and the system are defined. In addition, security theorems of the systemstate, the state conversion rule, the auto machine and the system are given, and their security isproved. Finally, the realization of rules for the two, three and four-class subsystem state machineis proposed, and its security is proved.4. Based on the united control, the article puts forward the multi-class interconnectionaccess control model, through which, risks such as cross-class irregular indirect informationstream, wrong information flow, counterfeiting of user’s security identifiers in the multi-classinterconnection system is solved. Firstly, the multi-class interconnection access control system ismodeled, and security domain, system class, trust matrix, interconnection mode andadministrator are added. Besides, the multi-class interconnection system is described completely.Secondly, The security theorem of multi-class interconnection access control model is given.Based on multi-class information stream graph, through the united control of users’cross-domain and cross-class access, the consistency of different class subsystem controlirregular access is kept. Thirdly, based on the security entropy theory, the security of the modelis proved. Finally, the rule set of subsystem state machine in six classes is given, which cansupport the multi-class interconnection system in different interconnection model.In conclusion, an access control theory system suited to multi-class interconnection systemis formed in this paper, which provides the theoretical foundation for the security informationsharing in the information system of different interconnection modes and security classes.