基于多约束安全工作流的漏洞管理系统  被引量:4

A Vulnerability Management System Based on Multi-constrained Secure Workflow

在线阅读下载全文

作  者:陈圣楠 范新民 许力[2,3] Chen Shengnan;Fan Xinmin;Xu Li(Network and Data Center,Fujian Normal University,Fuzhou 350117;College of Computer and Cyber Security,Fujian Normal University,Fuzhou 350117;Engineering Research Center of Cyber Security and Education Informatization,Fuzhou 350117)

机构地区:[1]福建师范大学网络与数据中心,福州350117 [2]福建师范大学计算机与网络空间安全学院,福州350117 [3]网络与教育信息化福建省高校工程研究中心,福州350117

出  处:《信息安全研究》2022年第7期700-706,共7页Journal of Information Security Research

基  金:国家自然科学基金项目(U1905211)。

摘  要:当前网络空间安全形势日益严峻,层出不穷的网络安全漏洞使许多企事业单位痛苦不堪,造成难以估量的经济损失,成为大多数企事业单位的痛点和难点.漏洞管理需要协同人、资源和工具共同完成,必须设计一套高效的、安全的工作流.针对这一情况,在基于任务-角色的访问控制策略基础上,添加时间、空间、上下文等属性约束,构建多约束安全工作流模型并将其应用于漏洞管理流程.实践表明,流程可覆盖漏洞全生命周期管理,确保相关人员权责统一.同时,流程能轻松完成对数据及时定位、处理、分析和存档,使漏洞管理全过程可追踪、可回溯.The cyberspace security faces great challenges nowadays for the increasing amount of vulnerabilities. Many corporations and organizations find it difficult to deal with them, resulting in the economic loss and the endless suffering. As vulnerability management requires people, resources and tools working together, it is necessary to design an efficient and secure workflow. To tackle this problem, a multi-constraint secure workflow model is proposed based on Task-Role-Based Access Control with time, space and context constrains. The proposed model is applied to vulnerability management flow. The practice showed that the workflow can cover the lifecycle management of vulnerabilities and guarantee the consistency between rights and obligation for stakeholders. It makes it easy to identify, process, analyze and record the data, which helps to trace the workflow of vulnerability management.

关 键 词:漏洞管理 安全工作流 全生命周期管理 细粒度访问控制 网络安全 

分 类 号:TP391[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象