摘要
近年来,伴随着企业的数字化转型快速落地,内部数据泄露和受高级可持续威胁攻击(Advanced Persistent Threat,APT)的风险不断升级,传统的接入管控模式暴露出一系列问题。针对广域网和云计算环境下接入访问的高度动态化特点,设计动态信任度量的接入管控体系,通过信任持续度量实现对接入访问的动态管控,在不断变化的环境下保障用户接入与访问的安全。同时,针对信任度量核心问题,提出了一种基于随机森林的信任度量算法,有效解决模型应用中样本数量不平衡的问题,加快学习收敛。该算法可应用在广域网络和云平台等不同的网络环境。
In recent years, with the rapid implementation of digital transformation of enterprises, the threat of internal data leakage and APT(Advanced Persistent Threat) attacks continue to escalate, and the traditional access control model exposes a series of problems. According to the highly dynamic characteristics of access in WAN and cloud computing environments, an access control system on dynamic trust measurement is designed. Through the continuous measurement of trust, the dynamic control of access is realized, and the security of user access is guaranteed in the changing environment. At the same time, aiming at the core problem of trust measurement, a trust measurement algorithm based on random forest is proposed, which can effectively solve the problem of unbalanced sample number in model application and accelerate the learning convergence. The algorithm can be applied in different network environments such as wide area network and cloud platform.
作者
廖竣锴
程永新
张建辉
LIAO Junkai;CHENG Yongxin;ZHANG Jianhui(No.30 Institute of CETC,Chengdu Sichuan 610041,China)
出处
《通信技术》
2022年第4期473-479,共7页
Communications Technology
关键词
持续信任
信任度量
网络接入
随机森林
continuous trust
trust measurement
network access
random forest
