期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

面向存储安全系统的新型人工免疫算法 被引量:1

New Artificial Immune Algorithm for Storage Security
下载PDF
导出
摘要 提出了新型人工免疫算法,用于研究高效的存储安全系统。首先给出了基于免疫存储安全系统的结构和相关定义。在分析人工免疫算法中已有匹配规则的基础上,为提高安全系统的效率,提出了任意r连续位匹配规则,提高检测器识别非自体的能力,减少存储安全系统识别非自体所需的成熟检测器数量;为了使存储安全系统能适应不同的自体集,自动优化检测效率和准确性,避免检测存储安全系统的失效,本文提出了自适应匹配阈值机制。分析了使用不同匹配规则时检测器能识别的最大非法访问请求数量,以及对不同自体集采用静态匹配阈值和自适应匹配阈值机制时存储安全系统的检测效率和准确性。使用新型人工免疫算法实现安全原型系统,验证了算法的性能。最后通过修改开源存储区域网系统Lustre中智能磁盘部分的源代码,实现了基于免疫安全磁盘的原型系统,测试增加存储安全系统前后Lustre系统的I/O性能,结果表明新型人工免疫算法能高效地保护存储系统的安全。 On the basis of analyzing demand of storage security system and current artificial immune algorithm, this paper presents new artificial immune algorithm to ensure security of storage system efficiently. Main current matching rules are introduced to analyze the efficiency of current artificial immune algorithm. Firstly the structure of storage se- curity system and the definition of main elements in it are given. To improve the efficiency of artificial immune algo- rithrn, this paper proposes random r-continuous matching rule to improve the number of non-self that one detector can recognize. To avoid failure of storage secure system that no detector are self-tolerance and low efficiency of inspecting, this paper presents self-adaptable threshold selection algorithm to select suitable threshold for different detectors, and then balance between efficiency and accuracy for different self sets. Analyzing how much non-self one detector can recognize and whether the selection of threshold is adaptability. Using new artificial immune algorithm to implement the prototype of secure system and verify its performance. We implement prototype of new artificial immune algorithm. The evaluating result shows the new artificial immune algorithm has higher efficiency and is more adaptability than current artificial immune algorithm. At last, we modify the source code of storage area network system named Lustre and implement prototype of the secure disk system. By evaluating its I/O performance, the result shows new artificial immune algorithm can ensure the security of storage efficiently.
作者 蔡涛 鞠时光 仲巍 牛德姣
机构地区 江苏大学计算机学院
出处 《计算机科学》 CSCD 北大核心 2008年第8期60-64,共5页 Computer Science
基金 国家自然科学基金(60573046) 江苏省自然科学基金(BK2007086)资助
关键词 人工免疫算法 存储安全 磁盘 I/O性能 Artificial immune algorithm, Storage security
分类号 TP18 [自动化与计算机技术—控制理论与控制工程] TP309.2 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献31

  • 1Blaze M. A cryptographic file system for UNIX//Proceedings of 1st ACM Conference on Communications and Computing Security. 1993.
  • 2Howard J,Kazar M, Menees S, et al. Scale and performance in a distributed file system. ACM TOCS, 1988,6 (1).
  • 3Fu K, Kaashoek M, Mazieres D. Fast and secure distributed read-only file system. OSDI, October 2000.
  • 4Mazieres D,Kaminsky M,Kaashoek M,et al. Separating key managementfrom file system security. SOSP,December 1999.
  • 5Li Xiangguo, Yang JiangHua, Wu Zhaohui. An NFSv4-Based Security Scheme for NAS. Parallel and Distributed Processing and Applications 2005. NanJiang, China.
  • 6Gobioff H,Nagle D,Gibson G. Embedded Security for Network-Attached Storage. CMU SCS technical report,CMU-CS-99-154. June 1999.
  • 7Strunk J D, Goodson G R, Sheinholtz M L, et al. Self-Securing Storage: Protecting Data in Compromised Systems// 4th Symposium on Operating System Design and Implementation. San Diego, CA Oct. 2000.
  • 8Soules C A N, Goodson G R, Strunk J D G, et al. Efficiency in Versioning File Systems//2nd USENIX Conference on File and Storage Technologies. San Francisco, CA mar. 31-Apr. 2,2003.
  • 9Wylie J,Bigrigg M, Strunk J, et al. Survivable information storage systems. IEEE Computer, August 2000.
  • 10Ganger G R, Khosla P K, Bakkaloglu M, et al. Survivable Storage Systems//DARPA Information Survivability Conference and Exposition (Anaheim, CA, 12-14 June 2001). IEEE, 2001, 2:184-195.

二级参考文献7

  • 1[1]Auspex whitepaper.NAS-SAN convergence today:new trends iN enterprise storage[EB/OL].www.internetnews.com/storage/article.php/,2002.
  • 2[2]XIE Chang-Sheng, FU Xiang-Lin, HAN De-Zhi et al. The Study and Implemetation of a New iSCSI-based SAN[J]. Computer Research and Development, 2003, 40(5):246-251.
  • 3[3]Howard J et al.Scale and performance in a distributed file system[J]. ACM transactions on Computer Systems ,February 1988 6(1):51-81.
  • 4[4]Ethan M,Darrell L,William F and Benjamin R.Strong security for distributed file systems[J]. IEEE Micro,May 2001,20(1):34-40.
  • 5[5]Gibson G et.al. A case for network-attached secure dicks[R]. Technical Report CMU-CS-96-142.June 17,1996.Available at http://www.pdl.cs.cmu.edu/NASD/.
  • 6[6]E. Zadok et.al. FiST: A language for stackable file systems[C]. Proceedings of the Annual USENIX Technical Conference,June 2000.
  • 7谢长生,傅湘林,韩德志,任劲.一种基于iSCSI的SAN的研究与实现[J].计算机研究与发展,2003,40(5):746-751. 被引量:31

共引文献7

同被引文献9

引证文献1

计算机科学
2008年 第8期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部