检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]中国民航大学计算机科学学院,天津300300
出 处:《吉林大学学报(信息科学版)》2007年第3期300-307,共8页Journal of Jilin University(Information Science Edition)
基 金:国家863计划基金资助项目(20060112A1037);天津市自然科学基金资助项目(06YFJMJ00700);中国民航总局科技基金资助项目(MR0421815)
摘 要:针对分布式入侵检测系统(DIDS:Distributed Intrusion Detection System)面临的协作和自身安全问题,提出了一个分布式入侵检测系统和多组件入侵检测系统间的数据共享策略和合作访问控制策略模型。在模型中将每个主机的数据共享策略定义为由访问控制策略、完整性策略、合作策略组成的三元组,用这些策略形式化定义了主机间的关系。通过Take-Grant改进模型将主机间关系和权限联系结合,形成了入侵检测系统(IDS:Intrusion Detection System)的合作集合和识别广泛攻击的规则。该策略模型对分布式入侵检测系统中组件间的合作和信息共享提供了一个安全保障。各参与主机通过合作集合检测广泛入侵并抵御复杂攻击的潜在威胁。A data sharing and cooperative access control policy model aiming at the weakness of collaboration and self-security in DIDS (Distributed Intrusion Detection System) is presented. In this model, each host's sharing policy was defined by a triple composed of access control policy, integrity policy and cooperation policy, and relations between hosts were formally expressed with these policies. IDS (Intrusion Detection System) coopera- tion set and widespread attack detection role were formed after combination of hosts' relations and rights through modified Take-Grant model. The pohcy model provides a secure guarantee to information sharing and cooperation among components in DIDS. All participant hosts could detect widespread attacks and protect themselves from potential comprehensive attacks through cooperation set mechanism.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.7