摘要
信息领域的竞争是一种体系竞争,针对单一防御手段无法应对立体攻击的问题,构建了一种基于自然免疫原理与可信计算的自主可控信息系统。该系统包括可信网络基础功能部分、用户行为度量子系统、软件行为度量子系统和容错子系统,通过在基础功能部分增加安全机制的方式实现了信任链的扩展、可信网络接入控制模型与基于角色访问控制模型的融合,以及可信终端全生命周期的可信接入。
The competition in the field of information is a kind of system competition.Aiming at the problem that a single defense method cannot cope with the comprehensive attack,an independent and controllable information system based on natural immune system and trusted computing was constructed.The system includes trusted network basic function subsystem,user behavior measurement subsystem,software behavior measurement subsystem and fault-tolerant subsystem.The advantage of this way of adding security mechanisms to basic functionality is the extension of the chain of trust,integration of trusted network access control model and role-based access control model and trusted access of trusted terminal throughout life cycle can be achieved.
作者
柳伟
慈林林
刘利平
LIU Wei;CI Linlin;LIU Liping(School of Computer Science and Technology,Beijing Institute of Technology,Beijing 100081,China;Beijing Institute of Information High Technology,Beijing 100085,China)
出处
《智能科学与技术学报》
2019年第2期154-162,共9页
Chinese Journal of Intelligent Science and Technology
关键词
自主可控信息系统
可信计算
软件行为
用户行为
容错系统
independent and controllable information system
trusted computing
software behavior
user behavior
fault-tolerant system
