摘要
安全协议是网络空间安全的重要组成部分,安全协议实施是安全协议的最终表现形式。介绍了安全协议实施安全性分析的意义,分别按照三个前提条件:能够获取安全协议客户端实施和安全协议服务器端实施、仅能够获取安全协议客户端实施、不能获取安全协议客户端与安全协议服务器端实施,并依据安全协议实施安全性分析采用的主要分析方法——程序验证、模型抽取、网络轨迹、指令分析等,对相关研究成果进行归类、分析、比较、总结和讨论。对未来安全协议实施安全性分析的研究方向进行了展望。
Security protocols are not only the important part of cyberspace security,but also are the key technology of providing cyberspace security. Security protocol implementations are the final objective of developing security protocols and people have paid a special attention to its security analysis. Around the hot issue,first,it briefly introduced the significance of security protocol implementations. Then,based on three assumptions respectively,1) w ith security protocol client implementations and server implementations,2) w ith security protocol client implementations,3) w ithout security protocol client implementations and server implementations,and the approaches used,for examples,program verification,model extraction,net-trace and dynamic taint analysis,the related research results are categorized,compared,analyzed and discussed. Finally,the conclusions are presented and the several future w orks of security analysis of security protocol implementations are introduced.
出处
《山东大学学报(理学版)》
CAS
CSCD
北大核心
2018年第1期1-18,共18页
Journal of Shandong University(Natural Science)
基金
国家自然科学基金资助项目(61272497)
湖北省自然科学基金资助项目(2014CFB249)
关键词
网络空间安全
安全协议实施
程序验证
模型抽取
网络轨迹
指令分析
cyberspace security
security protocol implementations
program verification
model extraction
net-trace
execution analysis
