期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于状态迁移的网络安全联动策略模型 被引量:1

A Network Security Interaction Policy Model Based on Status Transition
下载PDF
导出
摘要 针对网络安全联动系统中安全策略结构日益复杂,数量不断增多所带来的策略冲突、效率低下、冗余等问题,文章采用形式化分析的方法对安全联动防卫策略的完备性、一致性和冗余性进行了定义及分析,提出了一种基于状态迁移的网络安全联动策略模型。该模型由实体、状态、服务三层构成,通过状态迁移过程分析实体之间的关系,并由服务层提供构造、检测等分析组件确保系统稳定运行。该模型实现了策略从生成、应用到失效的全生命周期管理。 In order to avoid conflict, inefficacy and redundancy which come with the more complex policy structure in network security interaction system, a network security interaction policy model based on status transition is proposed. In the model, the integrity, coherence and redundancy are defined and analyzed in formal approach. The policy model, which consists of entity layer, status layer and service layer, analyzes the relationships of entities according to status transition, and the construction, detection modules are offered in order to ensure the system's stabilization. The management of policy's lifecycle is also described in the model.
作者 张焕 曹万华 冯力 朱丽娜
机构地区 武汉数字工程研究所
出处 《舰船电子工程》 2009年第3期124-127,共4页 Ship Electronic Engineering
基金 国防"十一五"预研计划项目(编号:C0820061362-06 A1420080183)资助
关键词 安全策略 完备性 一致性 冗余性 状态迁移 security policy, integrity, coherence, redundancy, status transition
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献7

二级参考文献14

  • 1Marshall D. Abrams, and Michael V. Joyce. New thinking about information technology security [J ]. Computers & Security, 1995,14( 1 ) :69-81. 被引量:1
  • 2Marshall D. Abrams, mad Michael V. Joyce. Trusted computing update[J]. Computers & Security, 1995,14( 1 ) :57 - 68. 被引量:1
  • 3Marshall D. Abrams, and Michael V. Joyce. Trusted system concepts[J]. Computers & Security, 1995,14( 1 ) :45 - 56. 被引量:1
  • 4Jonathan Moffett, Morris Sloman and Kevin Twidle. Specifying discretionary access control policy for distributed systems [ J ]. Computer Communications, 1990,13(9) :571 - 580. 被引量:1
  • 5Tatyana Ryutov and Clifford Neuman. Representation and Evaluation of Security Policies for Distributed System Services[ A]. DARPA Information Survivability Conference and Exposition[ C]. Hilton Head Island,SC, USA: DISCE, 2000. 被引量:1
  • 6C Bidan and V Issamy. Dealing wilh Multi-Pohcy Security in Large Open Distributed Systems[ A]. Proceedings of 5th European Symposium on Research in Computer Security [ C ]. Louvain-la-Neuve, Belgium: ESRCS, 1998.51 - 66. 被引量:1
  • 7Sandhu RS. Lattice-Based access control models. IEEE Computer, 1993,26(11):9-19. 被引量:1
  • 8Thomsen DJ, Haigh JT. A comparison of type enforcement and Unix setuid implementation of well-formed transactions. In: Proc. of the 6th Annual Computer Security Applications Conf. Tucson: IEEE Computer Society Press, 1990. 304~312. 被引量:1
  • 9Clark DD, Wilson DR. A comparison of commercial and military computer security policies. In: Proc. of the 1987 IEEE Symp. on Security and Privacy. Oakland: IEEE Computer Society Press, 1987. 184-194. 被引量:1
  • 10Rushby J. Noninterference, transitivity, and channel-control security policies. Technical Report, CSL-92-02, Menlo Park: Stanford Research Institute, 1992. 被引量:1

共引文献30

同被引文献10

引证文献1

二级引证文献3

舰船电子工程
2009年 第3期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部