摘要
针对传统数据保护方法难以应对未知的漏洞和后门等安全问题,提出一种基于拟态防御思想的动态异构冗余数据保护安全架构--拟态数据安全架构(Mimic Data Security,MDS),用以提升数据服务的安全性.首先,根据拟态防御技术的工作原理构造异构冗余的执行体资源池;然后,利用具有选调器、控制器、输入代理和裁决器等功能模块组成的中心控制器实现对异构冗余执行体的动态调度,并对在线执行体集的输出结果的进行多模裁决处理,用以提升系统的安全性和可靠性.仿真实验结果表明,对比传统静态架构,具有动态随机等特性的MDS架构具有更高的安全性能.
The traditional data protection methods can not deal with the unknown security threats. Thus,a dynamic,heterogeneous and redundancy data protection architecture based on mimic defense is proposed. Firstly,the execution bodies pool are given according to the working characteristics of mimic defense. Secondly,the center scheduler is used to realize the dynamic scheduling of execution bodies and the multi-mode decision processing of output results. Thus,the security and reliability of the system have been improved.The experimental results show that the newarchitecture has better security performance than traditional architectures. Therefore,the benefits of deploying newarchitectures are superior to traditional architectures.
作者
樊永文
朱维军
班绍桓
陈永华
FAN Yong-wen;ZHU Wei-jun;BAN Shao-huan;CHEN Yong-hua(School of Information Engineering,Zhengzhou University,Zhengzhou 450001,China)
出处
《小型微型计算机系统》
CSCD
北大核心
2019年第9期1956-1961,共6页
Journal of Chinese Computer Systems
基金
国家自然科学基金项目(U1204608,61572444)资助
国家重点研发计划项目(2016YFB0800100)资助
关键词
数据安全
异构冗余
动态调度
拟态防御
data security
heterogeneous redundancy
dynamic scheduling
mimic defense
