| 设计类脆弱性研究 |
| |
| 引用本文: | 李艺,李新明,姜湘岗.设计类脆弱性研究[J].计算机科学,2005,32(4):216-218. |
| |
| 作者姓名: | 李艺 李新明 姜湘岗 |
| |
| 作者单位: | 1. 装备指挥技术学院,北京,101416
2. 北京电子科技学院,北京,100036 |
| |
| 基金项目: | 863项目2003AA1Z2050 |
| |
| 摘 要: | 对目前的软件脆弱性分类方法进行了分析,针对Unix/Linux操作系统,提出了基于软件脆弱性所在部件和引入原因的二维度的脆弱性分类法,并简要说明了对引入原因的进一步分类的方法。设计类脆弱性是一类重要的软件脆弱性,但在已知的各种脆弱性分类中对设计脆弱性的分类几乎是空白。本文重点对其中的设计类脆弱性进行了研究,提出了将设计类脆弱性的划分方法,分成限制脆弱性、需求无法实现脆弱性、安全设计脆弱性、异常处理脆弱性、功能局限脆弱性和随机结果脆弱性等几类,并给出了每一类设计脆弱性的定义和典型的实例。
|
| 关 键 词: | 脆弱性 分类法 操作系统 网络 软件工程 |
Research on Design Vulnerabilities Class |
| |
| LI Yi,LI Xin-Ming,JIANG Xiang-Gang.Research on Design Vulnerabilities Class[J].Computer Science,2005,32(4):216-218. |
| |
| Authors: | LI Yi LI Xin-Ming JIANG Xiang-Gang |
| |
| Affiliation: | LI Yi,LI Xin-Ming,JIANG Xiang-Gang Institution of Command and Technology of Equipment,Beijing 101416 Institute of Beijing Electronic Science and Technology,Beijing 100036 |
| |
| Abstract: | This paper analyzes the existing taxonomies of software vulnerability. For Unix/Linux operation systerm, this paper proposes two-dimensional taxonomy of software vulnerability based on location and cause attributes,and describes the classification scheme of software vulnerabilities according to their cause. Design vulnerabilities class is an important class of vulnerabilites, but no existing classification identifies the types of design vulnerabilities in further detail yet. This paper elaborates on the aspect of research on design vulnerabilities and proposes the classification schema which divides design vulnerabilities into following subclasses: limit vulnerabilities, unsatisfied requirement vul- nerabilities, security design vulnerabilities, exception handling vulnerabilities, restricted function vulnerabilities and random result vulnerabilities. This paper gives the definition and typical examples of every subclass. |
| |
| Keywords: | Vulnerability Taxonomy Operating system Network Software engineering |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
点击此处可从《计算机科学》下载全文 |
|
