Abstract
Responsibility identification is an auditing mechanism built on authentication and authorisation management, and it plays an important role in network system security. To address the problems that responsibility identification needs to solve, we propose a theoretical prototype and functional model of a responsibility identification platform. First, we propose using a timestamp service to process security logs so as to ensure their integrity and security. Second, a log analysis system performs data mining, correlation analysis, behaviour tracking and the like on the security logs; the analysis results are loaded into the responsibility identification database, where they serve as the basis for responsibility identification and assist the relevant personnel in making judgements. Establishing the prototype system of the responsibility identification platform will contribute to the platform's concrete realisation and can serve as a blueprint for building a practical platform.
Source
《计算机应用与软件》 (Computer Applications and Software)
CSCD
Peking University Core Journals (北大核心)
2012, Issue 11, pp. 315-319 (5 pages)
Keywords
Responsibility identification
Timestamp
Security log
Log analysis