Access Control Capability Assessment Method Based on Security Entropy
In this paper, after studying access control capability assessment for computer information systems, we propose analysis methods based on security entropy to overcome the problem of quantitative analysis. First, we computed the uncertainty with which a system determines irregular access behavior, using security entropy theory. Next, we defined the security theorem of the classificatory information system and proposed a standard of access control capability. Finally, we analyzed the typical access control models using these methods and compared their security and applicability. The analysis showed that the method is appropriate for quantitative security analysis of access control models and for the evaluation of access control capability in information systems.
Information Entropy, Security Entropy, Classificatory Access Control Model, Direct Unauthorized Access, Right About Access, Indirectly Unauthorized Access.
JOURNAL OF COMPUTERS, VOL. 9, NO. 12, DECEMBER 2014