安全组策略管理

Policy Management in Secure Group Communication

下载PDF

导出

摘要安全组通信的前提是一致的安全策略。组安全策略描述成员的安全目标、能力和需求,进而规定安全组的行为、访问控制参数、密码机制等。本文研究安全组策略的管理,包括组策略的制定、协商以及翻译、执行。在策略生命周期的基础上,依据安全多播组模型,提出组策略管理模型,并描述策略服务器的设计实现。策略的表示采用组安全策略标记语言(GSPML),能够支持组策略灵活的表示和协商。 Secure group communication is based on a consistent security policy. A security policy is a statement of a communication participant's security desires,abilities,and requirements. More explicit,a policy defines the group se- curity relevant behaviors,access control parameters,and security mechanisms. This paper considers policy manage- ment in security group communication,include of policy define,reconciliation, translation and enforcement. Based on policy life-cycle and group model,a policy management framework is presented. GSPML is used in the framework to specification group policies.

作者尹青蔡延荣王清贤

机构地区信息工程学院计算机系

出处《计算机科学》 CSCD 北大核心 2005年第1期67-69,161,共4页 Computer Science

基金本项目受国家重点基础研究发展规划项目(973项目项目编号G1999032700)

关键词安全组通信组安全策略安全多播策略生命周期组模型通信安全 Secure IP multicast Group policy Policy management Policy life-cycle Group model Group secure policy markup language

分类号 TN918.91 [电子电信—通信与信息系统]

引文网络
相关文献

参考文献10

1周伟,尹青,郭金庚.多播安全体系结构的研究与实现[J].计算机工程与应用,2002,38(9):22-24. 被引量：4
2尹青,周伟,王清贤.基于XML的组安全策略描述[J].计算机科学,2003,30(5):150-152. 被引量：1
3McDaniel P,Harney H,Colegrove A,et al. Multicast Security Policy Requirements and Building Blocks. Internet Research Task Force, Secure Mutlicast Research Group (SMuG), Internet Engineering Task Force,November 2000. (Draft)
4McDaniel P, Harney H,Dinsmore P,Prakash A. Multicast Security Policy. Internet Engineering Task Force, June 2000, (draft)
5Harney H,Colegrove A,Harder E,et al. Group Secure Association Key Management Protocol. Internet Engineering Task Force,May 2000,draft-harney-sparta-gsakmp-sec-01. txt (Draft)
6Harney H, McDaniel P, Colgrove A, Dinsmore P. Group Security Policy Token. Internet Research Task Force, September 2001,(draft-ietf-msec-gspt-00. txt> (Draft)
7Dinsmore B P,Heyman M,Kruus P, Scace C. Dynamic Cryptographic Context Management (DCCM) Report # 4: Final Report:[NAI Report # 0776]. April 6,2000
8McDaniel P, Prakash A. Antigone: Implement Policy in Secure Group Communication. http://www. eecs. umich. edu/～ pdmcdan/docs/CSE-TR-426-00. pdf
9McDaniel P,Prakash A. Ismene: Provisioning and Policy Reconciliation in Secure Group Communication. http://citeseer. nj. nec.com/384963. html, 2000
10Handley M,Jacobsen V.SDP:Session Description Protoco1.RFC 2327,April 1998

二级参考文献19

1Canetti R, Pinkas B. A Taxonomy of Multicast Security Issues.Internet Research Task Force, draft-irtf-smug-taxonomy-01, txt(Draft). Au. 2000.
2Hardjono T,Canetti R,Baugher M ,Dinsmore P. Secure Multicast :Problem Areas, Framework, and Building Blocks. Internet Engineering Task Force, draft-irtf-smug-framework-00, txt (Draft).Oct. 1999.
3McDaniel P, Harney H, Colegrove A, Prakash A, Dinsmore P. Multicast Security Policy Requirements and Building Blocks. Internet Research Task Force, Secure Mutlicast Research Group (SMuG), Internet Engineering Task Force, (dra ft-irtfsmug-polreq-00, txt)(Draft). Nov. 2000.
4Harney H, Colegrove A, Harder E, Meth U, Fleischer R. Group Secure Association Key Management Protocol. Internet Engineering Task Force, May 2000, draft-harney-sparta-gsakmp-sec-01. txt(Draft). May 2000.
5Harney H, McDaniel P, Colgrove A, Dinsmore P. Group Security Policy Token. Internet Research Task Force, (draft-ietf-msecgspt-00, txt)(Draft). Sep. 2001.
6Bahnson, Dinsmore P, Heyman M, Kruus P, Scace C. Dynamic Cryptographic Context Management (DCCM) Report # 4:Final Report. NAI Report. # 0776, April 6, 2000.
7Handley M, Jacobsen V. SDP: Session Description Protocol. RFC 2327, April 1998.
8Sreedhar Mukkamalla,Randy H Kata. A Scalable Framework for Secure Multicast. Available at http://sunsite.berkeley.edu/Dienst/UI/2.0/Describe/ncstrl.ucb
9R Canetti,B Pinkas. A Taxonomy of Multicast Security Issues[S].Intemet Research Task Force,draft-irtf-smug-taxonomy-01.txt(Draft),2000
10H Harney,M Baugher,T Hardjono. GKM Building Block:Group Security Association(GSA)Definition[S].Intemet Engineering Task Force,draft-irtf-smug-gkmbb-gsadef-00.txt ( Draft ), 2000

共引文献3

1尹青,周伟,王清贤.安全组管理模型研究[J].计算机科学,2005,32(8):12-14.
2田磊,黄焱.对DVB-RCS安全多播的改进[J].电视技术,2008,32(10):4-6.
3尹青,周伟,王清贤.基于XML的组安全策略描述[J].计算机科学,2003,30(5):150-152. 被引量：1

1潘志铂,郑宝玉,吴蒙.一种基于时间流的安全多播密钥更新机制的研究[J].电子与信息学报,2004,26(7):1045-1052. 被引量：1
2李保红,侯义斌,陈旭辉.安全多播中可靠的密钥传送协议[J].西安交通大学学报,2005,39(12):1339-1339.
3XU Chunxiang,ZHOU Junhui.ECC Based Dynamic Multiparty Key Agreement[J].Chinese Journal of Electronics,2009,18(2):355-360. 被引量：1
4英情报机构呼吁停止重置密码[J].中国信息安全,2016,0(6):8-8.
5陈秀英,徐蕾.一种基于安全组通信机制的网络视频系统[J].现代电子工程,2008(2):14-16.
6郭晶晶,李腊元,等.一种适合大组的安全组签名方案[J].计算机工程,2002,28(9):65-66.
7田文春,韦岗,等.基于数字证书的树型结构安全多播方案[J].电子与信息学报,2002,24(12):1815-1820. 被引量：2
8邹苏真.基于神经网络同步的密码协议研究[J].数字技术与应用,2013,31(6):220-221.
9蔡延荣,王清贤,李梅林,尹青.安全多播密钥更新研究[J].计算技术与自动化,2003,22(3):110-112. 被引量：1
10徐佳.什么是USBKey[J].网管员世界,2009(8):84-84. 被引量：1

计算机科学

2005年第1期

浏览历史

内容加载中请稍等...

安全组策略管理

参考文献10

二级参考文献19

共引文献3

相关作者

相关机构

相关主题

浏览历史