计算机应用 ›› 2015, Vol. 35 ›› Issue (12): 3419-3423.DOI: 10.11772/j.issn.1001-9081.2015.12.3419

• 信息安全 • 上一篇    下一篇

适用于移动自组织网络的信息安全动态评估模型

潘磊1,2, 李廷元1   

  1. 1. 中国民用航空飞行学院计算机学院, 四川广汉 618307;
    2. 四川大学计算机学院, 成都 610065
  • 收稿日期:2015-06-10 修回日期:2015-07-27 出版日期:2015-12-10 发布日期:2015-12-10
  • 通讯作者: 潘磊(1982-),男,四川彭州人,讲师,博士研究生,CCF会员,主要研究方向:网络体系结构、信息安全
  • 作者简介:李廷元(1968-),男,四川彭山人,副教授,硕士,主要研究方向:民航计算机应用。
  • 基金资助:
    中国民航总局应用开发科技项目(MHRD20140212);中国民用航空飞行学院青年基金资助项目(Q2012-054)。

Dynamic information security evaluation model in mobile Ad Hoc network

PAN Lei1,2, LI Tingyuan1   

  1. 1. College of Computer Science and Technology, Civil Aviation Flight University of China, Guanghan Sichuan 618307, China;
    2. College of Computer Science, Sichuan University, Chengdu Sichuan 610065, China
  • Received:2015-06-10 Revised:2015-07-27 Online:2015-12-10 Published:2015-12-10

摘要: 在信息安全风险评估领域,针对传统静态评估手段难以适应移动自组织网络的动态拓扑结构的缺陷,提出了一种新的动态再评估模型。该模型将整个系统抽象为构件和访问路径组成的拓扑结构,将构件间的关系抽象为三类关联类型和四类组合类型,并给出不同关系条件下的安全度量方法。当系统发生变化后,以变化的构件为中心,确定其变化的影响范围和新的关系类型,只对相邻构件进行再评估,进而得到局部和全局的新安全度量。实验结果显示,所提出评估模型具有更高的评估效率,能大幅大减少评估成本。

关键词: 信息安全风险评估, 移动自组织网络, 再评估方法, 动态评估模型, 构件

Abstract: In the field of information security risk evaluation, it is difficult for the traditional static evaluation methods to adapt to the dynamic topology of Mobile Ad hoc NETwork (MANET). In order to solve the problem, a new dynamic reevaluation model was proposed. In the proposed model, the whole system was abstracted into a topology which was comprised of components and access paths. The relations between components were abstracted into three kinds of association relations and four kinds of combination relations. In addition, the methods of security metrics under different relations were provided. When system changed, the influence range of its change and new relation types were determined by taking the changed component as a center. Under that condition, only adjacent components were reevaluated. Then, the new local and whole security metrics were obtained. The experimental results show that the proposed model has higher evaluation efficiency and can decrease evaluation cost greatly.

Key words: risk evaluation of information security, Mobile Ad hoc NETwork (MANET), reevaluation method, dynamic evaluation model, component

中图分类号: