高级检索

    一种面向敏感信息处理的敏感度度量方法

    A Sensitivity Measurement for Sensitive Information Processing

    • 摘要: 应用软件一般需要输入和处理敏感信息,如密码,以实现用户和远程服务器之间的可靠认证和安全交互.定量度量敏感信息在敏感信息处理中的安全性是目前研究的难点.根据敏感信息处理的流程和敏感信息出现点的上下文,定义敏感信息处理的固有属性、可变属性和推求属性,设计了从固有属性和可变属性到数据操作的映射规则,提出了基于层次分析法(analytic hierarchy process, AHP)及折中型多属性决策(technique for order preference by similarity to an ideal solution, TOPSIS)的敏感度计算方法,从而实现敏感度的定量计算,展示在敏感信息处理中敏感度的动态变化规律,为敏感信息处理的安全防护提供支持.该方法可以应用于可信软件的安全分析和可信度量,最后,实验分析了3种敏感信息在处理中的敏感度变化,发现了敏感信息处理的潜在危险点,从而证实了该方法的有效性.

       

      Abstract: Application software needs to use sensitive information to build up the authentication between client and server, so how to measure the security or sensitivity of sensitive information during processing is an open issue. According to the procedure of sensitive information processing and context of its occurrence, inherent property, variable property and inferenced property have been defined, the mapping rules from these properties to data operations have been designed, and a method of sensitivity calculation based on AHP (analytic hierarchy process) and TOPSIS (technique for order preference by similarity to an ideal solution) has been proposed. This method can demonstrate dynamic changes of sensitivities among sensitive information processing to support security prevention against information leakage and attacks, and can be applied to security analysis and trust measure of trustworthy software on sensitive information. Finally, experimental results demonstrate that this method can describe sensitivity changes among sensitive information processing, and discover the potentially dangerous points in this processing, so its effectivity has been verified.

       

    /

    返回文章
    返回