引用本文: | 何鸿君,曹四化,褚祖高,等.一种改进的事件驱动系统框架.[J].国防科技大学学报,2008,30(3):70-75.[点击复制] |
HE Hongjun,CAO Sihua,CHU Zugao,et al.An Improved Event-driven System Infrastructure[J].Journal of National University of Defense Technology,2008,30(3):70-75[点击复制] |
|
|
|
本文已被:浏览 6596次 下载 5972次 |
一种改进的事件驱动系统框架 |
何鸿君1, 曹四化1,2, 褚祖高2, 罗莉1, 宁京宣1, 董黎明1, 李朋1 |
(1.国防科技大学 计算机学院,湖南 长沙 410073;2.75200部队 自动化站,广东 惠州 516001)
|
摘要: |
在给出事件驱动系统安全漏洞的基础上,指出了产生漏洞的根本原因是:系统忽视了输入系统的事件序列之间存在的相关性;系统无条件信任任何事件源产生的事件。针对这两个原因,相应提出了事件序列形式安全分析模型及基于事件源的可信度评估模型,依据这两个模型,构建了一种改进的事件驱动系统框架。 |
关键词: 信息安全 事件驱动系统 事件序列 事件源 可信度 |
DOI: |
投稿日期:2007-11-06 |
基金项目:国家部委基金资助项目(9140C1102060707) |
|
An Improved Event-driven System Infrastructure |
HE Hongjun1, CAO Sihua1,2, CHU Zugao2, LUO Li1, NING Jingxuan1, DONG Liming1, LI Peng1 |
(1.College of Computer, National Univ. of Defense Technology, Changsha 410073, China;2.Automation Station, No. 75200 Army Unit, Huizhou 516001, China)
|
Abstract: |
Based on the presentation of the security vulnerability of the event-driven system, this paper points out the deep reasons for the vulnerability of system: (1) The system ignores the inherent correlation among events; (2) The system trusts events from any sources without condition. In view of these two reasons, this paper presents an analytical model for security of event sequence, and an evaluation model of trustworthiness based on event source. Furthermore, this paper constructs an improved event-driven system infrastructure based on the two models. |
Keywords: information security event-driven system event sequence event source trustworthiness |
|
|
|
|
|