基于QoP的访问控制模型的设计与研究
发布时间:2019-04-24 21:38
【摘要】:在互联网爆炸式发展的今天,网络成为人们日常生产生活中必不可少的一部分。一直以来,人们往往过于强调网络服务质量的提高,侧重于服务类别全面、操作便捷、处理高效等用户能够直接感受到的网络服务的要求,忽视了对于安全的考量和评价,从而无法根本上为用户提供一个安全可靠的网络环境。因此,近年来有学者将安全防护质量的概念引入到人们的视野,旨在将安全问题作为一个关键性要素进行研究和分析,摒弃单一考虑某个安全威胁的传统思维,综合性对用户所处系统或所在网络的安全问题进行分析,给出整体性评价结果。这就使得安全问题不再停留在理论研究分析,而是像QOS一样成为日常网络服务中的一个常规性参考项。以此为背景,本文主要的工作如下: 1、对安全防护质量评价的具体算法进行了研究。安全防护质量作为网络安全领域的新概念,其目的在于寻找一套可度量、可量化的指标对系统的安全情况进行有效的评估,满足日益复杂网络环境下的安全需求。结合所研究问题难定量的特点,本文提出了采用层次分析法作为评价的基础算法,建立了改进的基于层次分析法的安全防护质量的评估模型,考虑到近年来语音系统的迅速发展,本文以会话初始化协议(Session Initiation Protocol,SIP)环境为案例进行具体分析,明确了具体的评估模型及参数。 2、研究、分析了安全防护质量与访问控制相结合的具体方法。访问控制是网络系统实现安全管理的重要手段,而安全防护质量是系统的天然属性,两者关系密切。因此,本文将安全防护质量与基于属性的访问控制模型相结合,提出了基于安全防护质量的访问控制模型,并给出了安全策略的设计方案,为用户及网络提供更为可靠的防护手段。 3、本文在上述理论分析的基础上,搭建了SIP系统,给出了在SIP环境下的基于安全防护质量的访问控制模型系统的设计方案和实现,更加灵活、有效的进行了访问控制。
[Abstract]:In the explosive development of the Internet today, the network has become an essential part of people's daily production and life. All along, people always put too much emphasis on the improvement of the quality of network service, focusing on the comprehensive service category, convenient operation, high efficiency and other network service requirements that users can directly feel, ignoring the consideration and evaluation of security. Therefore, it is impossible to provide a secure and reliable network environment for users. Therefore, in recent years, some scholars have introduced the concept of the quality of safety protection to people's horizons, in order to study and analyze security as a key factor, and to abandon the traditional thinking of considering a single security threat. A comprehensive analysis of the security problems of the system or the network in which the user is located is carried out, and the overall evaluation results are given. This makes the security problem no longer stay in the theoretical research and analysis, but like QOS as a regular reference in daily network services. Based on this background, the main work of this paper is as follows: 1. The specific algorithm of safety protection quality evaluation is studied. As a new concept in the field of network security, the purpose of the security protection quality is to find a set of measurable and quantifiable indicators to effectively evaluate the security situation of the system, and to meet the security needs of the increasingly complex network environment. Combined with the difficult quantitative characteristics of the problems studied, this paper presents an improved evaluation model of safety protection quality based on analytic hierarchy process (AHP), which adopts AHP as the basic algorithm of evaluation, and establishes an improved evaluation model of safety and protection quality based on AHP. Considering the rapid development of voice system in recent years, this paper takes session initialization Protocol (Session Initiation Protocol,SIP) environment as a case to analyze and clarify the specific evaluation model and parameters. 2. The concrete method of combining security protection quality with access control is studied and analyzed. Access control is an important means to realize security management in network systems, and the quality of security protection is a natural attribute of the system, which is closely related to each other. Therefore, this paper combines security protection quality with attribute-based access control model, puts forward an access control model based on security protection quality, and gives the design scheme of security policy. To provide users and the network with more reliable means of protection. 3. On the basis of the above-mentioned theoretical analysis, this paper builds the SIP system, and gives the design scheme and implementation of the access control model system based on the quality of security protection under the SIP environment, which is more flexible and effective for access control.
【学位授予单位】:北京邮电大学
【学位级别】:硕士
【学位授予年份】:2015
【分类号】:TP393.08
本文编号:2464810
[Abstract]:In the explosive development of the Internet today, the network has become an essential part of people's daily production and life. All along, people always put too much emphasis on the improvement of the quality of network service, focusing on the comprehensive service category, convenient operation, high efficiency and other network service requirements that users can directly feel, ignoring the consideration and evaluation of security. Therefore, it is impossible to provide a secure and reliable network environment for users. Therefore, in recent years, some scholars have introduced the concept of the quality of safety protection to people's horizons, in order to study and analyze security as a key factor, and to abandon the traditional thinking of considering a single security threat. A comprehensive analysis of the security problems of the system or the network in which the user is located is carried out, and the overall evaluation results are given. This makes the security problem no longer stay in the theoretical research and analysis, but like QOS as a regular reference in daily network services. Based on this background, the main work of this paper is as follows: 1. The specific algorithm of safety protection quality evaluation is studied. As a new concept in the field of network security, the purpose of the security protection quality is to find a set of measurable and quantifiable indicators to effectively evaluate the security situation of the system, and to meet the security needs of the increasingly complex network environment. Combined with the difficult quantitative characteristics of the problems studied, this paper presents an improved evaluation model of safety protection quality based on analytic hierarchy process (AHP), which adopts AHP as the basic algorithm of evaluation, and establishes an improved evaluation model of safety and protection quality based on AHP. Considering the rapid development of voice system in recent years, this paper takes session initialization Protocol (Session Initiation Protocol,SIP) environment as a case to analyze and clarify the specific evaluation model and parameters. 2. The concrete method of combining security protection quality with access control is studied and analyzed. Access control is an important means to realize security management in network systems, and the quality of security protection is a natural attribute of the system, which is closely related to each other. Therefore, this paper combines security protection quality with attribute-based access control model, puts forward an access control model based on security protection quality, and gives the design scheme of security policy. To provide users and the network with more reliable means of protection. 3. On the basis of the above-mentioned theoretical analysis, this paper builds the SIP system, and gives the design scheme and implementation of the access control model system based on the quality of security protection under the SIP environment, which is more flexible and effective for access control.
【学位授予单位】:北京邮电大学
【学位级别】:硕士
【学位授予年份】:2015
【分类号】:TP393.08
【参考文献】
相关期刊论文 前6条
1 王小明;付红;张立臣;;基于属性的访问控制研究进展[J];电子学报;2010年07期
2 程相然;陈性元;张斌;杨艳;;基于属性的访问控制策略模型[J];计算机工程;2010年15期
3 林闯;王元卓;任丰原;;新一代网络QoS研究[J];计算机学报;2008年09期
4 林闯;肖岩平;王元卓;曾荣飞;;网络保护质量研究[J];计算机学报;2008年10期
5 李发泽;胡钢墩;;基于层次分析和模糊数学的网络安全评价模型[J];宁夏工程技术;2006年04期
6 吕武玲;黎忠文;;SIP中基于身份认证的安全机制研究[J];计算机技术与发展;2009年02期
,本文编号:2464810
本文链接:https://www.wllwen.com/guanlilunwen/ydhl/2464810.html
