期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

联动系统安全设备访问控制策略冲突检测研究

Research on Access Control Policy Conflicts Detection Method for Linkage System Safety Device
下载PDF
导出
摘要 联动系统安全设备下的访问控制策略确保了防火墙、VPN、防病毒系统和漏洞扫描器等安全设备协同工作,有效地保证了网络信息系统的安全性。文章首先定义了访问控制策略及策略冲突,根据实际环境对策略类型及冲突进行分类。其次,针对不同的策略数据类型进行简单的预处理,根据冲突特点对策略进行归并,利用策略冲突检测算法对策略进行冲突检测。最后,通过算法的复杂度分析和实验结果,说明此策略检测方法具有理想的执行效率。 The access control of linkage system safety device can ensure that the firewall policy, VPN, anti-virus system, vulnerability scanner and other security equipment work cooperatively. Thus, the security of network information system's safety is achieved effectively. Firstly, this paper defines access control policies and policy conflicts, and categorizes them according to the actual environment. Secondly, a simple pretreatment is used for different data type of strategies and a merge is performed for strategies considering the characteristics of conflict, also some policy conflict detection algorithms are used for conflict detection in strategies. Finally, the algorithm complexity analysis and experimental results illustrate the proposed detection method has a desirable execution efficiency.
作者 侯喆瑞 吴紫薇 陈蕾 程晓荣
机构地区 国网冀北电力有限公司经济技术研究院 华北电力大学(保定)计算机系
出处 《电力信息与通信技术》 2016年第8期33-37,共5页 Electric Power Information and Communication Technology
关键词 网络安全 访问控制策略 策略冲突 冲突检测 cyber security access control policy policy conflict conflict detection
分类号 TP393.08 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献7

二级参考文献53

  • 1彭高辉,王志良.数据挖掘中的数据预处理方法[J].华北水利水电学院学报,2008,29(6):61-63. 被引量:19
  • 2曹建军,刁兴春,陈爽,邵衍振.数据清洗及其一般性系统框架[J].计算机科学,2012,39(S3):207-211. 被引量:31
  • 3王卫平,陈文惠.防火墙规则配置错误分析及其检测算法[J].计算机应用,2005,25(10):2269-2271. 被引量:3
  • 4AL-SHAER E,HAMED H.Taxonomy of conflicts in network security policies[J].IEEE Communications Magazine,2006,44(3):134-141.
  • 5EPPSTEIN D,MUTHUKRISHNAN S.Internet packet filter management and rectangle geometry[C]//Proc of the 12th Annual ACM-SIAM Symposium on Discrete Algorithms (SODA).[S.l.]:ACM Computing Research Repository,2001:827-835.
  • 6HARI A,SURI S,PARULKAR G.Detecting and resolution packet filter conflicts[C]//Proc of the 19th Annual Joint Conference of the IEEE Computer and Communications Society.Tel Aviv,Israel:IEEE,2000:1203-1212.
  • 7ALFARO J G,CUPPENS F,BOULAHIA C N.Towards filtering and alerting rule rewriting on single-component policies[C]//Proc of Conference on Computer Safety,Reliability,and Security.Berlin:Springer,2006:182-194.
  • 8MAYER A,WOOL A,ZISKIND E.Fang:a firewall analysis engine[C]//Proc of IEEE Symposium on Security and Privacy.Berkeley,CA:IEEE,2000:177-187.
  • 9WOOL A.Architecting the lumeta firewall analyzer[C]//Proc of the 10th USENIX Security Symposium.Berkeley,CA:USENIX Association,2001:7.
  • 10ERONEN P,ZITTING J.An expert system for analyzing firewall rules,IMM-TR-2001-14[R].[S.l.]:University of Denmark,2001:100-107.

共引文献45

电力信息与通信技术
2016年 第8期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部