Author_Institution :
Inf. Security Inst., Sichuan Univ., Chengdu, China
Abstract :
Information security is a combination of confidentiality, integrity and availability, and the problem is how to combine them organically. There is a method based on a planar vector concerning the confidentiality and integrity in the paper of Sandhu, (1993), but this method isn´t sufficient, so this paper presents a lattice model. A new function H(N, α, β) of information security, based on confidentiality and integrity, is introduced. The safety classification of the object is divided by the H(N, α, β) value, the information flow policy is described by the function value of two objects and a new information flow lattice model is obtained. The model satisfies the characteristic of Denning (1976), and is found to be reasonable and safe by verification. The model is also an expansion of the lattice-based BLP model and the lattice-based Biba model.
Keywords :
data integrity; data privacy; information systems; security of data; information availability; information flow lattice model; information flow policy; information integrity; information security function; lattice-based BLP model; lattice-based Biba model; planar vector; safety object classification; Access control; Educational institutions; Information security; Information systems; Lattices; Mathematical model; Mathematics; Protection; Safety; Upper bound;
