位置:成果数据库 > 期刊 > 期刊详情页
一种实用动态完整性保护模型的形式化分析
  • ISSN号:1000-1239
  • 期刊名称:计算机研究与发展
  • 时间:2013.10.15
  • 页码:2082-2091
  • 分类:TP309[自动化与计算机技术—计算机系统结构;自动化与计算机技术—计算机科学与技术]
  • 作者机构:[1]清华大学生命科学学院,北京100084, [2]北京大学信息科学技术学院,北京100871, [3]国家计算机网络应急技术处理协调中心,北京100029, [4]北京交通大学软件学院,北京100044
  • 相关基金:国家自然科学基金项目(61170263,61003230)
  • 相关项目:无线射频识别系统中继攻击的抵御机制研究
作者: 唐礼勇|孔令波|胡建斌|陈钟|
关键词: 完整性策略, 形式化模型, 动态完整性级别, 实用完整性, 动态完整性保护模型, integrity policy, formal model, dynamic protection model (DMIP) integrity level, usable integrity, dynamic integrity
中文摘要:

从完整性保护模型提出到现在,其成熟度远不如机密性模型.究其原因,完整级划分以及模型实用性是制约其发展的根本因素.从完整性模型的实用性角度出发,归纳总结几种现有完整性保护模型的优缺点,提出了一种实用型的动态完整性保护模型(dynamic integrity protection model, DMIP).它面向Linux系统,解决了完整性级别划分困难以及现有完整性模型可用性不强的问题.针对来自网络的攻击以及本地恶意代码破坏系统完整性等问题给出了保护策略.从与Linux系统及系统中已有的应用程序的兼容性角度出发,DMIP做到了无代价兼容.给出了DMIP模型的不变式和约束,针对模型进行了安全定理的形式化证明,保证了模型的安全性.

英文摘要:

Since the integrity policy model has been proposed, its maturity has always been lower than that of the confidentiality policy model. The restriction is due to integrity level dividing and usability. In this paper, different kinds of integrity models are summarized from the point of practicability with their characteristics concluded. Based on the previous discussion, this paper presents a practical dynamic integrity protection model called DMIP. It simplifies the intricacy of integrity level dividing and solves the existing problems on practicability of current integrity models especially for Linux. The DMIP is designed to preserve the integrity of system from potential network-based attacks and local malicious files. From the usability of Linux, DMIP improves the current integrity protection models. The paper also shows the invariant and constraint of DMIP model and provides formalization proof in theory.

同期刊论文项目
无线射频识别系统中继攻击的抵御机制研究
期刊论文 36 会议论文 20
高效环签名体制及其应用研究
期刊论文 41 会议论文 15 专利 1 著作 2
同项目期刊论文
An efficient certificateless aggregate signature with constant pairing computations
垃圾标签的抵御方法研究
Bidder-anonymous English auction protocol based on revocable ring signature
Efficient three-party authenticated key agreement protocol in certificateless cryptography
New identity-based three-party authenticated key agreement protocol with provable security
On the Security of an Efficient and Non-interactive Hierarchical Key Agreement Protocol
Privacy-enhanced Designated Confirmer Signature without Random Oracles
On the security of an identity based multi-proxy signature scheme
On the security of a pairing based signcryption scheme using self-certified public keys
An Expressive Decentralizing KP-ABE with Constant Ciphertext Size
Secure identity-based signcryption in the standard model
安全和能量关键的分布式协作任务调度
An improved authenticated encryption scheme
Security flaw of an ECC-based signcryption scheme with anonymity
Further improvement of an authentication scheme with user anonymity for wireless communications
A taxonomy of ring signature schemes: Theory and applications
Security flaw of an improved user authentication scheme with user anonymity for wireless communicati
Cryptanalysis of an Identity Based Signcryption without Random Oracles
Efficient privacy-preserving authentication protocol for vehicular communications with trustworthy
Efficient and multi-level privacy-preserving communication protocol for VANET
Provably secure and efficient certificateless authenticated tripartite key agreement protocol
Certificate-free ad hoc anonymous authentication
Efficient communication scheme with confidentiality and privacy for vehicular networks
Broadcast revocation scheme in composite-order bilinear group and its application to attribute-based
Identity-based online/offline signcryption for low power devices
Practical secure communication for integrating wireless sensor networks into the internet of things
A Provably Secure Certificate Based Ring Signature Without Pairing
Pairing-Free ID-Based Key-Insulated Signature Scheme
Simple three-party password-based key exchange protocol with provable security
Finding and fixing vulnerabilities in several three-party password authenticated key exchange protoc
一种代理远程数据完整性审计协议
基于身份竞争与协作的RFID阅读器防碰撞算法
基于有限自动机的RFID入侵检测
无证书并行密钥隔离加密体制
密钥隔离密码系统研究现状
一种社交网络虚假信息传播控制方法
距离约束协议的设计与分析
Semantic web services publication and OCT-based discovery in structured P2P network
数据多次发布的隐私保护研究进展
Hierarchical identity-based encryption without key delegation in decryption
连续空间查询的位置隐私保护综述
位置服务中基于贝叶斯的隐私泄露分析
一种可追溯的车载自组网隐私保护认证协议
垃圾标签的抵御方法研究
冷启动攻击研究综述
RFID距离约束协议的分析与设计
Android权限机制安全研究综述
新型自适应安全的密钥策略ABE方案
双重系统加密研究:获得完全安全的IBE及其扩展
轻量级无线射频识别认证协议的改进
Exploiting Consumer Reviews for Product Feature Ranking
基于分区自感簇头的无线传感网数据稳定传输机制
基于SQI和加权LBP直方图的不同光照环境下人脸识别
多目标量化变分滤波贝叶斯WSN跟踪定位算法
未来网络XIA中的虚拟机跨子网迁移
基于均值聚类分析和多层核心集凝聚算法相融合的网络入侵检测
基于改进PageRank算法和spin-glass模型的多角度识别可控的社区发现算法
基于UKF区域交叉定位的无线传感器网络sink节点动态跟踪算法
车辆自组网隐私保护研究综述
聚合签名及其应用研究综述
期刊信息
  • 《计算机研究与发展》
  • 中国科技核心期刊
  • 主管单位:中国科学院
  • 主办单位:中国科学院计算技术研究所
  • 主编:徐志伟
  • 地址:北京市科学院南路6号中科院计算所
  • 邮编:100190
  • 邮箱:crad@ict.ac.cn
  • 电话:010-62620696 62600350
  • 国际标准刊号:ISSN:1000-1239
  • 国内统一刊号:ISSN:11-1777/TP
  • 邮发代号:2-654
  • 获奖情况:
  • 2001-2007百种中国杰出学术期刊,2008中国精品科...,中国期刊方阵“双效”期刊
  • 国内外数据库收录:
  • 俄罗斯文摘杂志,荷兰文摘与引文数据库,美国工程索引,日本日本科学技术振兴机构数据库,中国中国科技核心期刊,中国北大核心期刊(2004版),中国北大核心期刊(2008版),中国北大核心期刊(2011版),中国北大核心期刊(2014版),中国北大核心期刊(2000版)
  • 被引量:40349