摘要
网络漏洞库的研究与建设,对于提高网络安全性具有重要意义。为综合利用已有漏洞库的信息,并提供更灵活的应用接口,提出了一种基于多库的网络安全漏洞信息采集系统模型。该系统由信息获取和信息集成两部分组成,信息获取部分根据来源漏洞库数据的特点实施相应的采集策略,实现数据的获取与更新,信息集成部分以漏洞的CVE编号为依据,实现对多个漏洞库信息的集成。研究了信息获取与信息集成的实现机制,保证了系统可扩展性、信息的全面性和应用方式的灵活性。
The research on the design of network vulnerability database is of great significance to network security. In order to use the information of vulnerability databases and provide more flexible application interfaces, a security vulnerabilities information collection system model based on several mature vulnerability databases is proposed. The system model consists of two parts: information collection sub-system and information integration sub-system. The information collection sub-system makes the information collection and updating strategies according to sources of the database. The information integration sub-system makes integrates of the databases based on CVE name of vulnerability. The implementation mechanisms of information collection and integration are studied, so that the extensibility, information comprehensiveness and flexibility of application interface are guaranteed.
出处
《计算机工程与设计》
CSCD
北大核心
2011年第5期1576-1580,共5页
Computer Engineering and Design
基金
国家自然科学基金项目(60874110)
关键词
安全漏洞
信息采集
公共漏洞和暴露
漏洞库
集成
security vulnerability
information collection
CVE (common vulnerabilities and exposures)
vulnerability base
integration
