摘要
对系统进行攻击的本质之一是在信息流动过程中的非授权泄露与修改,进而破坏系统的安全性,这使得非常有必要对信息流的安全进行分析。从安全保障目标和安全保障方式上对安全信息流模型进行了分类,综述了不同类型的信息流模型研究现状,分析了现有面向信息流的量化评估方法,展望了面向信息流安全评估的发展趋势。
One critical characteristics of attacking information systems is to illegally leak and modify information during information flows. So it is necessary to analyze the security of information flow. In this paper, secure information flow are reviewed. First, a classifica- tion of secure information flows is presented. Then each class is illustrated in detail, and its evaluation is summarized. Finally the future research topics are discussed.
出处
《软件》
2012年第1期1-4,共4页
Software
基金
国家自然科学基金项目(61100186)
关键词
信息流
机密性
完整性
量化评估
Information flow
confidentiality
integrity
quantitative evaluation
