检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
作 者:高岩[1] 王丹阳 冯四风 顾青 GAO Yan;WANG Dan-yang;FENG Si-feng;GU Qing(College of Computer Science and Technology,Henan Polytechnic University,Jiaozuo 454000,China;Shanghai Puhua Trust Information Technology Co.,Shanghai 201403,China)
机构地区:[1]河南理工大学计算机科学与技术学院,河南焦作454000 [2]普华诚信信息技术有限公司,上海201403
出 处:《小型微型计算机系统》2020年第9期1905-1911,共7页Journal of Chinese Computer Systems
基 金:上海市科学技术委员会科研计划项目(18DZ1100502)资助。
摘 要:针对身份认证网关对未知攻击手段难以检测的核心问题,本文方案结合身份认证技术、访问控制技术与拟态防御技术,应用拟态防御中"动态异构冗余"模型架构,提出了一种基于容错的拟态身份认证网关防御方案.研究拟态防御框架下身份认证网关的性质、原理及方法架构,通过对身份认证、访问控制和授权管理各功能层面进行逻辑设计与实现,从理论上分析和验证拟态身份认证网关的抗攻击能力及自身的容侵能力.实验结果表明,较之传统身份认证网关,该方案对于无法预测到的漏洞与后门具有更好的抵御能力,使整体防御能力得到进一步提高.Aiming at the core problem that the identity authentication gateway is difficult to detect for unknown attack methods,this scheme combines identity authentication technology,access control technology and mimic defense technology,applies the"dynamic heterogeneous redundancy"model architecture in mimic defense,to propose a fault-tolerant mimic identity authentication gateway defense scheme.Studies the natures,principle and method architecture of the identity authentication gateway under the mimicry defense framework Through the logical design and implementation of the functional layers of identity authentication,access control and authorization management,the anti-attack capability and the tolerance of the mimic identity authentication gateway theoretically analyze and verified.The experimental results show that compared with the traditional identity authentication gateway,the scheme has better defense capability against unpredictable vulnerabilities and backdoors,and further improves the overall defense capability.
分 类 号:TP393[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.28
