中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 软件所图书馆  > 期刊论文
Title:
一种基于UML的网络安全体系建模分析方法
Alternative Title: UML-based modeling method of network security infrastructure
Author: 布宁 ; 刘玉岭 ; 连一峰 ; 黄亮
Corresponding Author: Bu, Ning
Keyword: 网络安全体系 ; UML建模 ; 安全目标 ; 安全边界 ; 安全措施 ; network security infrastructure ; UML modeling ; security goals ; security boundary ; security measures
Source: 计算机研究与发展
Issued Date: 2014
Volume: 51, Issue:7, Pages:1578-1593
Indexed Type: EI ; CSCD
Department: 中国信息安全认证中心 北京 100020 中国科学院软件研究所可信计算与信息保障实验室 北京 100190
Abstract: 在现有法律法规和标准体系的指导下,提出了一种通用的网络安全体系框架,阐述了安全目标、安全边界、安全体系要素与安全服务和安全风险评估之间的关系.在网络安全体系框架的基础上,利用统一建模语言(Unified Modeling Language,UML)在建模表述上的强大性和通用性给出了安全目标、安全边界和安全体系要素的建模方法,以规范化安全体系的表示形式并消除沟通中的歧义性.利用建立的模型,安全管理员使用提出的网络安全建模分析方法,可以验证业务流程的目标满足性并得出可能的安全风险.最后通过一个典型网上银行网络的建模分析,验证了提出的安全体系框架和建模分析方法的有效性和合理性.相比于传统的方法,该方法建模分析要素更为全面,且推导得出的结果指导性更强.
English Abstract: Under the guidance of existing laws, regulations and standards, a general framework of network security infrastructure is proposed. The proposed infrastructure discusseds the relations between security objectives, security boundary, security infrastructure elements and security risk assessment. Based on this infrastructure, we present our modeling approaches of security objectives, security boundary and security infrastructure elements using UML's standard and powerful modeling ability. Our modeling methods can eliminate the ambiguity in communication and make the representation of security system be standardized. Using our analysis methods, security administrators can validate how the business processes meet to the business goals and get the security risk of the system. By modeling an online banking, the proposed security framework and modeling methods' validity and rationality are verified. The proposed approach can help security administrators model the network security system in a visualization method. Based on modal logic, security administrators can deduce the logical relationships between each element and the results can guide security administrators to deploy proper security measures. Compared with the existing methods, the method of this paper is more comprehensive and has stronger guiding significance.
Language: 中文
Citation statistics:
Content Type: 期刊论文
URI: http://ir.iscas.ac.cn/handle/311060/16729
Appears in Collections:软件所图书馆_期刊论文

Files in This Item:
File Name/ File Size Content Type Version Access License
一种基于UML的网络安全体系建模分析方法.pdf(4676KB)期刊论文作者接受稿限制开放 联系获取全文

Recommended Citation:
布宁,刘玉岭,连一峰,等. 一种基于UML的网络安全体系建模分析方法[J]. 计算机研究与发展,2014-01-01,51(7):1578-1593.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[布宁]'s Articles
[刘玉岭]'s Articles
[连一峰]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[布宁]‘s Articles
[刘玉岭]‘s Articles
[连一峰]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2019  中国科学院软件研究所 - Feedback
Powered by CSpace