In order to ensure the security of information systems, it's essential to make sure that system behaviors are trusted. By analyzing threats that exist in executing procedures, a trust model based on structured pro...In order to ensure the security of information systems, it's essential to make sure that system behaviors are trusted. By analyzing threats that exist in executing procedures, a trust model based on structured protection is proposed. We consider that functional components, system actions and message flows between components are three key factors of information systems. Structured protection requirements on components, connections and action parameters are also provided. Four trusted properties of the model are deducted through formal analysis, and trusted system behavior is defined based on these properties. Furthermore, decision theorem of trusted system behavior is proved. The developed prototype system indicates the model is practical. It is a general theory model built on logic deduction and independent on specific environment and the behaviors of the system designed and implemented following the model are trusted.展开更多
基金supported by National Science and Technology Major Project under Grant No.2012ZX03002003Funds of Key Lab of Fujian Province University Network Security and Cryptology under Grant No.2011009Open Research Project of State Key Laboratory of Information Security in Institute of Software,Chinese Academy of Sciences
文摘In order to ensure the security of information systems, it's essential to make sure that system behaviors are trusted. By analyzing threats that exist in executing procedures, a trust model based on structured protection is proposed. We consider that functional components, system actions and message flows between components are three key factors of information systems. Structured protection requirements on components, connections and action parameters are also provided. Four trusted properties of the model are deducted through formal analysis, and trusted system behavior is defined based on these properties. Furthermore, decision theorem of trusted system behavior is proved. The developed prototype system indicates the model is practical. It is a general theory model built on logic deduction and independent on specific environment and the behaviors of the system designed and implemented following the model are trusted.
