| 可视化的安全策略形式化描述与验证系统 |
| |
| 引用本文: | 雷新锋,刘军,肖军模,周海刚,张一丹.可视化的安全策略形式化描述与验证系统[J].计算机工程,2008,34(24):162-164. |
| |
| 作者姓名: | 雷新锋 刘军 肖军模 周海刚 张一丹 |
| |
| 作者单位: | 解放军理工大学通信工程学院,南京,210007 |
| |
| 基金项目: | 江苏省自然科学基金资助项目 |
| |
| 摘 要: | 通过分析安全策略中可能出现的问题,对安全策略的一致性与完备性进行形式化定义。通过构造安全策略的状态模型,提出策略的一致性与完备性验证算法。基于可扩展访问控制标记语言,设计并实现一种安全策略的形式化描述与验证系统。该系统将形式化的验证过程自动化,以可视化的形式为普通用户提供一种高效的策略验证工具。
|
| 关 键 词: | 安全策略 一致性 完备性 扩展访问控制标记语言 |
| 修稿时间: | |
Visual System of Formal Specification and Verification of Security Policy |
| |
| LEI Xin-feng,LIU Jun,XIAO Jun-mo,ZHOU Hai-gang,ZHANG Yi-dan.Visual System of Formal Specification and Verification of Security Policy[J].Computer Engineering,2008,34(24):162-164. |
| |
| Authors: | LEI Xin-feng LIU Jun XIAO Jun-mo ZHOU Hai-gang ZHANG Yi-dan |
| |
| Affiliation: | (Institute of Communications Engineering, PLA University of Science & Technology, Nanjing 210007) |
| |
| Abstract: | This paper analyzes the possible faults in policy, formally defines the consistency and completeness of the security policy. By building the state model of security policy, the algorithm for formally verifying security policy is proposed. Based on the eXtensible Access Control Markup Language(XACML), a system to formally specify and verify the security policy is designed and implemented. This system makes the process of the formal verification automatic, and provides an efficient tool for a normal user to verify the security policy in a visual form. |
| |
| Keywords: | security policy consistency completeness eXtensible Access Control Markup Language(XACML) |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
|
