多域互操作环境下风险关联与评估算法研究-智能与分布计算实验室

多域互操作环境下风险关联与评估算法研究

姓名	吉勇
论文答辩日期	2007.01.26
论文提交日期	2007.02.05
论文级别	硕士
中文题名	多域互操作环境下风险关联与评估算法研究
英文题名	Risk Correlation and Assessment Algorithms for Secure Interoperation In Multi-Domain Environment
导师1	李瑞轩
导师2
中文关键词	安全互操作;风险;多域;关联;漏洞
英文关键词	Security Interoperation;Risk;Multi-Domain;Correlation;Vulnerability
中文文摘	随着网络和分布式系统技术的飞速发展，大规模分布式系统数量将急剧增加。为了简化分布异构环境，人们采用自治域(Autonomous Domain)的方法将这种环境进行分割，因此从安全角度理解，分布式系统实际是由很多自治域（简称域）构成，它们所形成的计算环境称为多域环境。在这种环境下，信息和数据的共享程度比传统集中环境大幅提高。数据不仅可以被本域系统用户访问，同时也可被其他自治域系统用户访问。这种互联、互通、互操作带来的安全风险也将大幅提高。因此如何保证在信息资源安全互操作的同时，互操作风险也能得到有效的控制，以及在此基础上建立一套基于风险的多域访问控制机制，这种研究既具有理论意义也具有重大的实用价值。针对多域环境下自治域系统可能采用异构的安全策略以及自身大量的信息漏洞，这样互操作风险纷繁复杂，风险评估处于低水平低效率循环的实际问题，给出了多域互操作风险关联算法以及在此基础上的风险评估算法。主要工作为：（1）介绍了多域互操作与风险的基本概念，并着重分析了多域互操作环境下关键的安全问题、互操作风险特点以及风险分析建模方法。（2）针对复杂异构的多域环境，自治域系统互操作会产生大量重复相关的风险事件，提取多域互操作中相邻风险事件的相似特征，采用模糊评判的方法，根据风险特征因素集来进行匹配，从而将多域互操作环境下风险事件进行关联。（3）在风险关联基础上，对于关联风险攻击过程进行了计算和评估。与传统评估方法相比，采用了漏洞关联性来描述相关风险事件，并结合相关攻击链理论，评估多域互操作环境下风险模板事件的风险。（4）在互操作风险评估研究基础上，设计并实现了基于互操作的风险计算和权限调整算法，它能够基于多域业务系统间当前交互的风险状况，动态调整用户访问的权限，以达到对自治域系统安全互操作风险的实时控制。
英文文摘	With the development of Internet and distributed system technology, massive distributed system is largely increased. In order to simplify the distributed and complicated system, the autonomous domain method is used to split the distributed application system. Therefore from the point of security, the distributed system is composed of multi-domain in the reality. it is more easier to share the data and interoperate directly among the different distributed domains than only single domain. However the interoperation risk is largely increased. So how to ensure interoperation risk in multi-domain effectively controlled, and establish secure access control method at the basis of risk, it is necessary to study and analysis in reality and academic theory. Under the circumstance of different secure policy adopted and a large number of information vulnerability in multi-domain environment, risk assessment may be in low effectively cycle state. The work mainly focuses on two things, interoperation risk correlation and risk assessment. The main works were listed as follows: (1) Introduce the things about the secure interoperation and traditional risk assessment theory. Give risk trait in secure interoperation and risk analysis modeling. (2) A risk correlation method has been given based on analyzing the risk correlation character, This method correlates with kinds of risk factors, By means of these skills list above, it can effectively detect and identify the same risk event, capture all kinds of risk events .The concept of risk exponent is also introduced during Interoperation in Multi Autonomous Domains takes into account the requirement of the generalization ability and the most excellent answer in limited conditions. (3) New multi-stage correlation risk events are calculated and assessed. Compared with other risk assessment methods, a new idea of vulnerability correlation and the theory of attack chains during multi-stages risk correlation in multi-domain’s secure interoperation is introduced in the paper. (4) A risk arithmetic and dynamic authorization technology is introduced, which guarantee the security during multi-domains in good time.