
Software threat modeling based on the STRIDE model and a civil aviation threat knowledge base
Abstract: To improve the security of civil aviation passenger service systems, threat modeling is carried out within the software security development lifecycle (SDL), and a threat knowledge base suited to civil aviation business systems is built and enriched. Effective mitigation measures are proposed for each class of threat, forming a new threat model based on the STRIDE model and the civil aviation threat knowledge base. This threat modeling method is significant for identifying the security risks faced during system construction. It applies not only to existing systems but also to risk analysis during the design and development stages of new systems. It resolves the gap in which security personnel do not understand the business and developers do not understand security, and it can effectively lower the threshold for threat analysis and reduce software security risk as well as development and operation costs.
Authors: GAO Jianyuan (高健媛); PENG Mingtian (彭明田); LI Yongjin (李永进) (Research and Development Center, Travelsky Co Ltd, Beijing 101318, China)
Source: Journal of Civil Aviation University of China (《中国民航大学学报》), CAS, 2020, No. 5, pp. 41-45 (5 pages)
Keywords: threat modeling; STRIDE; data flow diagram; knowledge base