文献《在线证书状态协议的改进及应用》[1]提出了一个基于OCSP(Online Certificate Status Protocol,在线证书状态协议)查询的数字签名验证应用方案,这个方案的安全性与可行性是值得商榷的。该文给出了一种攻击方法,并分析了其中的几个问题及问题产生的根源;最后给出了一种解决方案。
In this paper,the Bell-LaPadula formal model for secure computer systems is introduced,and the key theoretical results are proved. In addition, we also point out that the sufficient and necessary condition,given by reference[11], for secure information system is wrong. Exploiting a new concept,the correct sufficient and necessary condition is presented.