北京邮电大学学报

  • EI核心期刊

北京邮电大学学报 ›› 2009, Vol. 32 ›› Issue (2): 57-61.doi: 10.13190/jbupt.200902.57.qinhw

• 论文 • 上一篇    下一篇

入侵容忍系统的安全态势评估

秦华旺 戴跃伟 王执铨   

  1. 南京理工大学 南京理工大学 南京理工大学
  • 收稿日期:2008-09-13 修回日期:2008-12-15 出版日期:2009-04-28 发布日期:2009-04-28
  • 通讯作者: 秦华旺

Security Situation Evaluation of Intrusion Tolerant System

QIN Hua-Wang Yue-Wei DAI Zhi-Quan WANG   

  • Received:2008-09-13 Revised:2008-12-15 Online:2009-04-28 Published:2009-04-28
  • Contact: QIN Hua-Wang

摘要:

根据入侵容忍系统与一般网络系统相比所具有的特点,提出了一种专门针对入侵容忍系统的安全态势评估方法. 基于入侵对系统所造成的影响以及入侵容忍的功能,构建了数据机密度、数据完整度、服务可用度3个评估指标,并根据各指标的特点给出了其量化方法,然后通过对这3个指标的定量计算来动态评估入侵容忍系统的安全态势. 实验表明,所提方法是一种便于操作的态势评估方法,所得到的安全态势能反映出入侵容忍系统的真实安全状况.

关键词: 入侵容忍, 安全, 态势评估, 评估指标, 网络安全

Abstract:

According to the features of intrusion tolerant system compared to ordinary network system, an evaluating the security situation special for intrusion tolerantsystem is proposed. Three evaluation indexes are included: firstly, the confidentiality of data, the integrality of data and the usability of service are proposed based on the influence of intrusion and the function of intrusion tolerance. Secondly, the ways of quantifying the indexes are given according to the features of each index, and thirdly, the security situation of intrusion tolerant system is evaluated dynamically through computing the three evaluation indexes. Experiment shows that the method is easy to be operated, and reflects the actual security status of intrusion tolerant system.

Key words: intrusion tolerance, security, situation evaluation, evaluation index, network security