计算机应用

• 信息安全 • 上一篇    下一篇

基于XML的风险描述及策略的灵活对应

刘洪燕   

  1. 西安电子科技大学
  • 收稿日期:2005-11-04 修回日期:1900-01-01 发布日期:2006-05-01 出版日期:2006-05-01
  • 通讯作者: 刘洪燕

Risks description based on XML and corresponding flexibly with policies

HongYan Liu   

  1. 西安电子科技大学
  • Received:2005-11-04 Revised:1900-01-01 Online:2006-05-01 Published:2006-05-01
  • Contact: HongYan Liu

摘要: 随着目前风险与安全需求的多样化,传统地以文本或数据库方式来对应安全策略已满足不了需求。本文通过用XML对风险进行描述,以定性和定量地方法分析其危害并实现了分析工具。通过分析工具可以灵活地选用安全策略。同时对于组合风险也可以方便地选用组合策略来灵活应对。

关键词: XML, 风险, 安全策略, 策略需求

Abstract: With the diversification of the risk and security requirement, the traditional modes which corresponding with security policies by text or database are hardly faced the requirement of the users. In this paper, through describing the risk with XML, its harmfulness with the qualitative and quantitative method was analysed and our analysis tool was realized. Using the tool, the security policies was selected flexibly and also the composite policies were selected flexibly corresponding with the composite risks.

Key words: XML, risks, security policies, policy requirements