摘要
信息系统在社会中发挥着重要的作用,面临的安全问题日益严重。传统信息安全防御技术主要基于已知攻击方法或漏洞进行防御,无法有效应对未知攻击的威胁,难以全面防护Web系统的安全,基于动态异构冗余架构为拟态安全信息系统提供了本质安全和内生安全。研究了拟态信息系统的架构特征,给出了拟态安全信息系统的测评方法,并对拟态属性的验证方法和技术进行了分析。
Information systems play an important role in society,and the security problems are becoming more and more serious.Traditional information security defense technologies are mainly based on known attack methods or vulnerabilities,and cannot effectively deal with the threat of unknown attacks.To protect the security of the Web system,the intrinsic security and endogenous security are provided for the mimic security information system based on the dynamic heterogeneous redundancy architecture.In this paper,the architecture characteristics of mimic information system are studied,and the evaluation method of mimic security information system is given.The verification methods and techniques of mimic attributes are analyzed.
作者
李建军
Li Jianjun(The 32nd Institute of China Electronics Technology Group Corporation,Shanghai 201808,China;National Engineering Software Product Quality Supervision and Inspection Center,Shanghai 201808,China)
出处
《信息技术与网络安全》
2019年第4期33-36,共4页
Information Technology and Network Security
关键词
动态异构冗余
拟态安全
拟态安全信息系统
测试验证
dynamic heterogeneous redundancy
mimic security
mimic security information system
test verification
