基于网络行为的强制访问技术在铁路客票系统中的应用  

Application of Network Action-based Access Control Technology in Railway Ticket System

在线阅读下载全文

作  者:姚倩 宋晶[2] 戚建淮[2] YAO Qian;SONG Jing;QI Jianhuai(China Railway Chengdu Group Co.,Ltd.,Chengdu Sichuan 610081,China;Southwest Jiaotong University,Chengdu Sichuan 610031,China)

机构地区:[1]中国铁路成都局集团有限公司,四川成都610081 [2]西南交通大学,四川成都610031

出  处:《通信技术》2022年第1期122-126,共5页Communications Technology

摘  要:铁路客票系统属于国家关键信息基础设施,其运行安全关乎国家安全和人民安全。通过将主机上的访问行为映射到网络层面,提出对网络行为进行5×5要素界定的访问控制体系,以此解除对操作系统的依赖,实现对传输控制协议/网际协议(TCP/IP)5层模型全覆盖。将此思想应用于铁路客票系统,能在特定的网络服务点施行访问控制,并对不同的层次执行强度不同的访问控制,还可以在底层检测出某些非法的访问行为,避免后续操作,从而节省计算和内存资源,提升网络性能,并保证了铁路客票系统的威胁可追溯性、数据机密性以及程序完整性。The railway ticket system belongs to the country’s key information infrastructure, and its safe operation is related to national and people’s security. By mapping the access behavior on the host to the network level, an access control system that defines the network behavior by 5×5 elements is proposed. In this way, the dependence on the operating system is relieved, and the full coverage of the TCP/IP(Transmission Control Protocol/Internet Protocol) five-layer model is realized. Applying this idea to the railway ticket system can implement access control at specific network service points, and perform mandatory access control with different strengths at different levels. It can also detect some illegal access behaviors at the bottom layer and avoid its subsequent operations, thereby saving calculations, memory resources, improving network performance, and ensuring the threat traceability, data confidentiality and program integrity of the railway ticket system.

关 键 词:强制访问控制 网络行为 铁路客票系统 编码赋码 5×5要素界定 

分 类 号:TP309[自动化与计算机技术—计算机系统结构]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象