摘要
如何发现、修补和利用计算机漏洞 ,是网络攻防研究的焦点问题之一。本文首先对国内外的研究现状进行分析与综述 ,然后介绍了如何设计、实现计算机漏洞库系统 ,提出了运用CORBA分布对象技术定义和实现漏洞库信息的应用程序访问接口 ,基于事件模型完成漏洞补丁程序或应对措施在可信任计算机之间的自动推送 ,实现动态的系统漏洞分析与应对。
How to discover, fix and exploit computer system vulnerabilities has been one of the focuses of the study on network security. In the paper, we summarize and analyze the related research first, then we describe how to design and implement a vulnerability database, put forward methods based on CORBA to define and implement the application programming interfaces of the vulnerability database, accomplish the automatic push of patches among trusted computers based on event models, and achieve a dynamic analysis and reaction of vulnerabilities.
出处
《计算机工程与科学》
CSCD
2004年第7期31-33,共3页
Computer Engineering & Science
基金
国家 8 63计划资助项目 ( 2 0 0 1AA14 2 0 90 )
国家网络与信息安全管理中心资助项目 ( 2 0 0 1 研 2 A 0 14 )