摘要
针对信息系统访问控制能力的量化评估问题,提出一种基于安全熵的分析理论。首先,将信息熵引入到系统对违规访问行为响应的不确定性计算方法上,提出安全熵的概念;然后,基于安全熵提出了系统的访问控制能力指标;最后,应用该方法对系统经典的访问控制方法进行了量化分析,验证了该方法的实用性,并比较了这些访问控制模型安全性。结果证明该方法适用于访问控制模型的安全性度量以及系统的访问控制能力评估。
To quantitative analysis on capability of access control in information systems, a analysis theory is proposed based on security entropy.Firstly, using information entropy to calculate the uncertainty for the system's determinations on the irregular access behaviors, and the security entropy is put forward.Then the standard of access control capability are proposed based on security entropy.Finally, the typical access control models are analyzed by the method, the method's practicability is validated, and security and applicability of these models are compared.The result proves that the methods is suit for security quantitative analysis on access control model and evaluation to access control capability in information system.
出处
《网络安全技术与应用》
2014年第5期158-159,共2页
Network Security Technology & Application
关键词
信息熵
安全熵
访问控制模型
直接违规访问
流向违规访问
间接违规访问
Information entropy
Security entropy
Access control model
Directly unauthorized access
.rightabout access
indirectly unauthorized access
