强制访问控制

我们还分析了强制访问控制的不足、对策以及可能造成的性能损失。

We also analyze the shortcoming of MAC , its countermeasure and possible performance decrease .

定义了强制访问控制策略下XML文档的有效性，提高了处理有效文档的系统的可用性。

The validation of XML documents under MAC policy is defined to improve the usability of systems processing valid documents .

基于C级数据库管理系统的强制访问控制模块的设计

The Mandatory Access Control Module Design based on C DBMS

一个改进的细粒度XML文档强制访问控制模型

Improved Fine-grained Mandatory Access Control Model for XML Document

基于LogicSQL数据库的强制访问控制研究

Research of mandatory access control based on the database of Logic SQL

基于Linux的强制访问控制机制及其安全测试自动化的研究

Implementation and Automatic Testing of Mandatory Access Control on Linux

基于强制访问控制的安全Linux系统设计与实现

Design and Implementation of Secure Linux System Based on Mandatory Access Control

在LINUX核心实施强制访问控制

Enforcing Mandatory Access Control in Linux Kernel

对于Linux内核来说，强制访问控制和基于角色的访问控制都是相对较新的功能。

Mandatory access control and role-based access control are relatively new to the Linux kernel .

这种控制类型称为强制访问控制（MAC）。

This type of control is called mandatory access control ( MAC ) .

取而代之的，NSA长期以来一直希望操作系统同样能支持“强制访问控制（mandatoryaccesscontrol）”（MAC）机制。

Instead , NSA has long wanted operating systems to also support " mandatory access control "( MAC ) mechanisms .

结合强制访问控制实现基于IPSec协议的网络安全模型

Implementing Network Security Model Based on IPSec Protocol Integrating with Mandatory Access Control

到目前为止，SELinux是针对Linux的最有名的MAC系统（强制访问控制）。

SELinux is by far the most well-known MAC system for Linux ( mandatory access control ) .

它比强制访问控制（MAC）和自主访问控制（DAC）更适用于非军事的数据处理。

It is appropriate for industry and civilian government than Mandatory Access Control and Discretionary Access Control .

本文围绕安全操作系统中强制访问控制部分的理论和研究，自行构建了Linux系统的强制访问控制机制。

This paper studied the theory and related research about Mandatory Access Control in Secure OS based on what I enhanced the MAC mechanism on Linux .

本论文主要在文件访问控制和特权管理这两方面对Linux的安全性进行增强，即实现了细粒度的自主访问控制、强制访问控制、以及最小特权管理。

This paper enhances the Linux operating system security mainly by finest granularity Discretionary Access Control ( DAC ), Mandatory access control ( MAC ) and Least Privilege Management .

本文着重论述利用Linux支持的可加载内核模块实现的基于强制访问控制的Linux安全操作系统的体系结构及其功能单元和相关技术细节。

This paper focuses on discussing the architecture of the MAC - based Linux security operating system implemented with LKM supported by Linux , and introduces the key technica of implementation .

基于PostgreSQL的强制访问控制的实现

Implementation of Mandatory Access Control Based on PostgreSQL

同传统的自由访问控制（DAC）和强制访问控制（MAC）相比，基于角色的访问控制（RBAC）代表了在灵活性和控制粒度上的一个重大进步。

Role-based access control ( RBAC ) represents an important advancement in flexibility and granularity of control from the classical discretionary and mandatory access control .

常见的访问控制方式有：自主访问控制（DAC）和强制访问控制（MAC）以及基于角色的访问控制（RBAC）。

Access control models include : conventional discretionary access control ( DAC ), mandatory access control ( MAC ) and role-based access control ( RBAC ) .

它包括构建在FluxAdvancedSecurityKernel（Flask）安全架构之上的强制访问控制，后者包括以插件模块形式提供的类型强制和多级安全（MLS）。

It includes mandatory access control built on top of the Flux Advanced Security Kernel ( Flask ) security architecture , including type enforcement and multilevel security ( MLS ), all as plug-in modules .

传统的自主访问控制（DAC）和强制访问控制（MAC）由于使用的局限性，已经不能满足现代应用系统对安全性的要求。

Traditional discretionary access control ( DAC ) and mandatory access control ( MAC ) due to the use of limitations , they can no longer meet modern requirements for safety .

通过执行网络相关操作的强制访问控制策略，并根据IPSec协议对网络通信执行强制加密策略，从而构造具有广泛适应性的网络安全体系结构模型。

In this paper , the widely flexible network security architecture model is constructed by providing network related mandatory access control policy and performing mandatory encryption policy on network communication based on IPSec protocols .

KYLIN操作系统在内核实现了基于角色定权的强制访问控制框架（RBA），用于保障系统的安全。

KYLIN OS implemented the role-based mandatory access control framework ( RBA ) in the kernel to protect the safety of the system .

本文基于这一强制访问控制机制，在XEN虚拟机环境上设计并实现了一个访问控制系统的原型，并做了相关试验。

Based on this access control mechanism , a prototype system is designed and implemented in the XEN virtual machine environment , and do the relevant experiment .

安全系统对Linux系统资源实施强制访问控制，保护资源的机密性、完整性，系统具有入侵追踪功能，能够很好地抵御本地与网络入侵。

The secure system implement the mandatory access control policy , and protect the confidentiality and integrity of the resources in linux . The secure system can trace back to the information of the attacker , and resist the attacks from local or remote .

提出了一种基于P2DR的、不可旁路的强制访问控制技术。

A mandatory access control technique is proposed which is based on P2DR and cannot be bypassed .

其中强制访问控制是安全数据模型中最重要的部分，是系统安全等级能否达到B1级的重要决定因素。

Mandatory Access Control ( MAC ) is the most important part of the secure data model and is a fatal factor which determines whether a secure level of the database system can reach Bl level .

基于角色的访问控制（RBAC）具有角色层次、最小特权和权限分离等重要特性，与自主访问控制（DAC）和强制访问控制（MAC）相比，更加适合多域环境下的访问控制应用。

Compared with Discretionary Access Control ( DAC ) and Mandatory Access Control ( MAC ), Role-based access control ( RBAC ) with Role Hierarchy , Least Privilege , Separation of Duty and other important characteristics , is more suitable for access control applications in multi-domain environment .

将基于角色的访问控制（RBAC）与强制访问控制（MAC）相结合，提出了面向变电站信息模型的访问控制（SIMOAC）。

Normal access control model cannot settle substation access control management problem . Therefore , combined with role based access control ( RBAC ) and mandatory access control ( MAC ), a substation information model oriented access control ( SIMOAC ) is proposed .