| 释义 |
Bell-La Padula model “secure”, if the only permitted access modes of subjects to objects are in accordance with a specific security policy.In order to determine whether or not a specific access mode is allowed, the clearance of a subject is compared to the classification of the object, and a determination is made as to whether the subject is authorized for the specific access mode.The clearance/classifica-tion scheme is expressed in terms of a lattice.;计算机安全学中一种计算机安全政策的形式变换模型,描述了一系列存取控制规则。在这个模型中,一个计算机系统实体被分为主体和客体的抽象集,定义了安全状态的概念,只在安全状态间进行移动,由此证明状态变迁保证安全性,进而证明系统是安全的。当主体对客体的容许存取模式与安全性政策一致时,系统状态定义为“安全”。为确定某个存取模式是否合法,必须把主体的容许与客体的分类信息进行比较,并决定某种存取模式对主体来说是否合法。这种容许/分类关系图是以格子的形式表达的。 |