| 一种基于协议分析的可信信道评估方法 |
| |
| 引用本文: | 李沁,曾庆凯.一种基于协议分析的可信信道评估方法[J].计算机学报,2006,29(8):1329-1336. |
| |
| 作者姓名: | 李沁 曾庆凯 |
| |
| 作者单位: | 1. 南京大学计算机软件新技术国家重点实验室,南京,210093
2. 南京大学计算机科学与技术系,南京,210093 |
| |
| 基金项目: | 国家高技术研究发展计划(863计划);国家自然科学基金;江苏省自然科学基金 |
| |
| 摘 要: | 目前,对可信信道的评估大多局限于经验的评测,缺乏理论支持,存在着极大的不确定性和不完备性.对此基于通用安全标准CC(Common Criteria)给出了具有一定通用性和可重用性的可信信道评估框架,在此评估框架中应用了形式化的验证方法,提出了把经验分析和形式化验证相结合的评估方法.同时在对SSH的评估中对Cord演算作了适应性的扩展.
|
| 关 键 词: | 安全评估 形式化验证 可信信道 Cord演算 |
| 收稿时间: | 2006-02-12 |
| 修稿时间: | 2006-02-122006-05-30 |
An Evaluation Method for Trusted Channel Based on Protocol Analysis |
| |
| LI Qin,ZENG Qing-Kai.An Evaluation Method for Trusted Channel Based on Protocol Analysis[J].Chinese Journal of Computers,2006,29(8):1329-1336. |
| |
| Authors: | LI Qin ZENG Qing-Kai |
| |
| Affiliation: | State Key Laboratory for Novel Software Technology, Nanjing University, Nanjing 210093;Department of Computer Science and Technology, Nanjing University, Nanjing 210093 |
| |
| Abstract: | Trusted channel provides various security services for information products in the environment of insecure networks. It has become a focused problem that whether the services of trusted channel provided by security products wholly satisfy the security function requirement. Now most evaluation methods are very uncertain and incomplete because they are almost empirical and without theoretical support. This paper proposes an evaluation framework based on the Common Criteria with generalization and reusability in some sense. The formal verification methods are applied in the framework, combined with empirical analysis. As an example, SSH protocol is verified by Cord calculus with type system, cryptographic function, and extended inference rules. |
| |
| Keywords: | security evaluation formal verification trusted channel Cord calculus |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
