计算机科学 ›› 2011, Vol. 38 ›› Issue (2): 32-37.
• 计算机网络与信息安全 • 上一篇 下一篇
倪俊,陈晓苏,刘辉宇,李劲
出版日期:
发布日期:
基金资助:
NI Jun,CHEN Xiao-su,LIU Hui-yu,LI Jing
Online:
Published:
摘要: 通过对基于策略的网络安全管理的研究,分析了现有网络安全策略冲突检测和消解方法存在的不足。基于策略求精的思想和安全策略冲突分类技术,建立基于策略的网络管理安全级模型,并用扩展的XACML语言加以描述。根据策略行为间的关系,采用知识推理技术,动态分层地对相应安全级策略进行一致性自动检测和实时冲突消解,使其具有良好的可重用性和可扩展性,以利于安全策略管理效率的提高。并通过策略求精访问控制的应用实现进行了验证。最后给出了未来的研究方向。
关键词: 网络安全,策略求精,安全级模型,一致性自动检测,知识推理,冲突消解
Abstract: Through policy-based network security management research, this paper analyzed the existing network security policy conflict detection and resolution method shortcomings. Based on policy refinement of ideas and security policy conflicts classification technology, policy-based network management security-level model was established, with extended XACMI_ language description. According to the relationship between policy behavior, using knowledge reasoning,dynamic layered security corresponding level of policy refinement consistency automatic detection and timely conflict resolution were made, letting it has a good reusability and scalability, and is conducive to the improvement of management efficiency. Policy-based access control refinement application implementation was verified. Finally, some of the fulure research directions were discussed.
Key words: Network security, Policy refinement, Security-level model, Consistency of automatic detection, Knowledge reasoning,Conflict resolution
倪俊,陈晓苏,刘辉宇,李劲. 网络安全策略求精一致性检测和冲突消解机制的研究[J]. 计算机科学, 2011, 38(2): 32-37. https://doi.org/
NI Jun,CHEN Xiao-su,LIU Hui-yu,LI Jing. Research on Network Security Policy Refinement Consistency of Detection and Conflict Resolution Mechanisms[J]. Computer Science, 2011, 38(2): 32-37. https://doi.org/
0 / / 推荐
导出引用管理器 EndNote|Reference Manager|ProCite|BibTeX|RefWorks
链接本文: https://www.jsjkx.com/CN/
https://www.jsjkx.com/CN/Y2011/V38/I2/32
Cited