Application of Modified BLP Model on Mobile Web Operating System

Abstract

BLP model is a classic model of significant strategies of confidentiality. By classifying and marking the subjects and objects, it realizes the discretionary access control and mandatory access control. Existing system security models are mainly based on the improved BLP model. Along with the popularity of mobile devices, cross-platform system based on Web is attracting more and more attentions. For its advantages of high mobility, portability and scalability, Web OS is applied as mobile e-government system solution. However, the existing Web OSes provides low confidentiality, as well as ambiguous design of system security access control policy. Thus, they cannot satisfy the demands for the security of mobile egovernment system. This paper constructs the security model based on the analysis of BLP model, which achieves the abstract modeling of Web OS on intelligent terminal, and redefines the model elements, mapping functions, as well as access control policy on both the subject and object to improve its confidentiality. Since BLP model lacks the least privilege principle on trusted subject and integrity constraints, we redraw the security level of the subject and object, and add the tag of confidence level and role mapping function according to the existing Web OS model. Finally, we carry out the principle of least privilege, as well as the integrity constraints on subjects and isolation mechanism between domains, which can improve the security effectively.