检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]数学工程与先进计算国家重点实验室,郑州450000
出 处:《计算机应用研究》2017年第2期503-507,521,共6页Application Research of Computers
基 金:国家科技支撑计划资助项目(2012BAH47B01);国家自然科学基金资助项目(61271252;61309007);郑州市科技创新团队项目(10CXTD150)
摘 要:安全协议的设计一直是网络安全领域的重要研究方向,传统的协议的安全性用经验和形式化的分析来保证。由于新攻击手段的出现,以及协议设计实现的缺陷等,协议仍存在潜在安全问题。传统的协议的设计和实现的模块相对固定,攻击者有充足的资源和时间分析和利用目标协议存在的缺陷和漏洞,对设计者有天然的不对称优势。为打破这种优势,提出了动态协议设计机制,对传统协议进行多样化、动态化改造,减少协议缺陷和漏洞的暴露时间。提出了基于攻击步骤的概率评估模型,验证了动态协议设计机制的有效性。The design of security protocol has been an important direction in the field of Internet security. Traditional security protocols are designed with historical experience, then analyzed and authenticated with formal methods. However, with the emergence of new attacks, as well as the flaws of protocol implementation and so on, the protocols designed still have potential security problem. The design and implementation of traditional protocol module is relatively fixed, so that the attackers have sufficient resources and time to analyze and exploit flaws and vulnerabilities of objective protocol, which give natural asymmetric advantages over designers. To solve these problems, this paper proposed the mechanism of dynamic protocol design and could translate traditional protocols into dynamic protocols with the methods of diversity and dynamic, which reduce the expo-sure time of flaws and vulnerabilities of objective protocol. Finally, it proposed attack probability model and show the security improvement of dynamic protocols compared with traditional protocols.
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.3