【作者】 李丽萍； 卿斯汉； 贺也平；

【Author】 Li Li-Ping, Qing Si-Han, He Ye-Ping Institute of Software, The Chinese Academy of Sciences, Beijing 100080, China

【机构】 中国科学院软件研究所；

【摘要】 为解决LSM在策略重用和策略共存方面存在的问题,提出一个新的安全体系结构ELSM,引入模型组合器作为主模块实施模块堆栈管理和模块决策管理,后者基于访问控制空间的策略规范方法以实现通用性。本文介绍了ELSM的设计实现并给出了安胜OS安全操作系统中的实例。更多还原

【Abstract】 To solve the problems of policy reusability and policy co-existence, a new security architecture ELSM is proposed. It introduced Model Combiner as main module to implement module stack management and module decision management. Module decision is based on access control space as policy specification for general support. This paper illustrated the design of ELSM and gave the ERCIST OS implementation as an example.更多还原