|
|||||
|
|
| 软件脆弱性影响分析模型 | |
| 引用本文: | 李新明,李艺,刘东.软件脆弱性影响分析模型[J].计算机工程,2010,36(17):63-65,68. |
| 作者姓名: | 李新明 李艺 刘东 |
| 作者单位: | 1. 南京理工大学计算机学院,南京,210094;装备指挥技术学院EIES重点实验室,北京,101416 2. 装备指挥技术学院科研部,北京,101416 3. 装备指挥技术学院EIES重点实验室,北京,101416 |
| 摘 要: | 软件脆弱性的本质是利用该脆弱性可以影响系统的安全。每个软件脆弱性对系统安全造成的影响及其危害程度是不同的。基于此,在研究软件脆弱性影响相关分类存在的问题的基础上,分析脆弱性的直接影响和最终影响及其关系,指出确定软件脆弱性直接影响的原则,设计出基于影响广度和深度的脆弱性直接影响的分析模型。分析系统级、用户级和文件级的脆弱性直接影响模式,并给出模型在大规模特定域网主动防御系统中的相关设计与实现。 |
| 关 键 词: | 软件脆弱性 安全 分类法 |
Software Vulnerability Effect Analysis Model |
|
| LI Xin-ming,LI Yi,LIU Dong.Software Vulnerability Effect Analysis Model[J].Computer Engineering,2010,36(17):63-65,68. | |
| Authors: | LI Xin-ming LI Yi LIU Dong |
| Affiliation: | (1. College of Computer, Nanjing University of Science & Technology, Nanjing 210094; 2. EIES Key Laboratory, Institution of Command & Technology of Equipment, Beijing 101416; 3. Department of Scientific Research, Institution of Command & Technology of Equipment, Beijing 101416) |
| Abstract: | The essence of software vulnerability is to exploit and affect system security. Different software vulnerabilities cause different effects to system and the severity is various as well. Based on the critical research of some typical taxonomy relative to software vulnerability effects, the direct effect and final effect and relationship between are analyzed. The key factor of software vulnerability direct effect is demonstrated and the software vulnerability analysis model based on effect width and depth is proposed. The direct effect modes are analyzed including system level, user level and file level. The design and implementation of model on active defense system for large scale network of mission-critical domain are given. |
| Keywords: | software vulnerability security taxonomy |
| 本文献已被 维普 万方数据 等数据库收录! | |
| 点击此处可从《计算机工程》浏览原始摘要信息 | |
| 点击此处可从《计算机工程》下载全文 | |
