摘要
继防火墙和入侵检测系统之后 ,容侵系统成为了保护大型网络服务器的又一重要技术 .该文在目前的基于状态转换模型的容侵系统研究模型的基础上 ,针对入侵行为对系统的资源和控制所造成的影响进行了分类 ,并进而提出了一种并行容侵系统研究模型———RC模型 .文章也给出了在RC模型上进行入侵恢复的基本方法 ,最后给出了容侵实例 .
Intrusion Tolerance System has become another essential technique to protect Internet servers against intrusion succeeding to the firewall and IDS. The article proposes a parallel model of intrusion tolerance system (ITS): RC model. This model classifies the effects of intrusions on system resources and controls when attacks happen. It divides the resources into 3 levels: measurable resource, information resource and attribute resource, and divides the control status into 2 levels: code level and active level. The 5 levels can characterize the system security state accurately from different views, though they are abstract. The article also describes how to analyze an ITS using RC model, and provides some recovery methods and instances of RC Model.
出处
《计算机学报》
EI
CSCD
北大核心
2004年第4期500-506,共7页
Chinese Journal of Computers
基金
国家自然科学基金重点项目(90104005)
国家自然科学基金项目(66973034)资助.