| This thesis proposes and implements a Secure Information Service Model, based on the General Security Model. This model integrates a few security technologies, such as authentication, authorization, access control, and audit etc. It's able to securely and reliably obtain customizing information in terms of the user's requirement. This model efficiently protects the user's privacy as well as satisfies its security performance's requirement, thus fulfilling the purpose of intelligent information service.Reference Monitor (RM), proposed by J.P. Anderson in 1972, is the theoretical foundation of security model for operating system. The author expends it into the field of Network Information Service, thus designs the Security Information Service Model. This model can provide secure service without any cost of losing performance. The author also addresses some functions should be accomplished by the model after considering user's requirement entirely. And then, the author discusses the technologies where the shoe pinches points are and the implementation methods in different applied environment. This model has the following characteristics:The establishment of trusted mechanism in distributed computing environment (Authentication and Access Control)The audit of operation's creditability in partly trusted environment, mutual intendance and cooperation (Audit)Secure control and protection of privacy (control method and protection of access policy)Two ways of effective extension Information Push Model: stronger information filtration and monitor Information Pull Model: more considering real-time performanceThis thesis dissertates the performance and characteristics of Security Information Service Model adequately. Associating with the running state and performance of black-box system having been realized base on the model, the author brings forward the further improving plan and lays a solid foundation for future work. |
PDF Full Text Request