| 基于抽象和搜索空间划分的安全性判定方法 |
| |
| 引用本文: | 王昌达,华明辉,周从华,宋香梅,鞠时光.基于抽象和搜索空间划分的安全性判定方法[J].计算机科学,2011,38(10):55-59. |
| |
| 作者姓名: | 王昌达 华明辉 周从华 宋香梅 鞠时光 |
| |
| 作者单位: | 江苏大学计算机科学与通信工程学院 镇江212013 |
| |
| 基金项目: | 国家自然科学基金(60773049); 江苏省自然科学基金(BK2007086); 江苏省高校自然科学研究计划(07KJB520016); 江苏省六大人才高峰项目(1631170006); 江苏大学高级人才项目(07JDG053)资助 |
| |
| 摘 要: | 为满足访问控制策略安全性快速判定的要求,提出一种基于谓词抽象和验证空间划分的访问控制策略状态空间约减方法,将在访问控制策略原始状态机模型上的安全性分析工作转移到包含较少状态的抽象模型上,并进一步划分抽象模型的验证空间,以提高效率。理论分析和实验数据均表明,其安全性分析所需的时间和空间都得到有效约减。与传统方法相比,它具有速度更快、自动化程度更高等优点。
|
| 关 键 词: | 访问控制,谓词抽象,安全性分析,模型检测,可信评估 |
Security Analysis of Access Control Policy Based on Predicate Abstract and Verification Space Division |
| |
| WANG Chang-d,HUA Ming-hui,ZHOU Cong-hu,SONG Xiang-mei,JU Shi-guang.Security Analysis of Access Control Policy Based on Predicate Abstract and Verification Space Division[J].Computer Science,2011,38(10):55-59. |
| |
| Authors: | WANG Chang-d HUA Ming-hui ZHOU Cong-hu SONG Xiang-mei JU Shi-guang |
| |
| Affiliation: | (School of Computer Science and Telecommunication Engineering,Jiangsu University,Zhenjiang,Jiangsu 212013,China) |
| |
| Abstract: | In order to implement security analysis of access control policy rapidly, predicate abstract with verification space division was presented, i. e. transfer pristine state machine model analysis to abstract state machine model which contains fewer states. Furthermore,verification space division was introduced to decrease the dimensions of model checking. Endorsed by both theoretic analysis and experiment, time and space requirement are effectively reduced. Compared with the known methods,our methodology is more efficiency and less human interacted. |
| |
| Keywords: | Access control Predicate abstract Security analysis Model checking Trust evaluation |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《计算机科学》浏览原始摘要信息 |
|
点击此处可从《计算机科学》下载全文 |
