{"title":"基于服务组合的信息系统动态行为安全评价","authors":"DanChen Wang, Yang Xu, Peng Xu","doi":"10.1109/ISKE.2015.71","DOIUrl":null,"url":null,"abstract":"In the complex network environment, system service is dynamically adjusted according to the changes of user behavior and computing environment. Also, security strategy tends to be more dynamic based on the work flow, which will bring new challenges to the security evaluation of system operation. Therefore, this paper aims to regard the service composition business as research object, focusing on the analysis of security equipment's character that deployed by the system, abstracting the behavior of security service, classifying it to the business service, and systematically solving the security evaluation problems in business operation. Meanwhile, user behavior pattern is established on the cloud-model theory, and fully studied in the premise of ensuring the structural accuracy of work flow. Then, by analyzing the credibility of user behavior, the utility function is defined from the relation between threat and protection, and the security service efficiency identified by the change operation set of security service. Furthermore, a guaranteeing method is raised to the rational reconstruction by a security component, which produces an adequate redundant path of component service according to the existing executive record and logical structure, so as to reach the goal of ensuring the operation security of system business.","PeriodicalId":312629,"journal":{"name":"2015 10th International Conference on Intelligent Systems and Knowledge Engineering (ISKE)","volume":"59 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Information System's Security Evaluation of Dynamic Behavior Based on Service Composition\",\"authors\":\"DanChen Wang, Yang Xu, Peng Xu\",\"doi\":\"10.1109/ISKE.2015.71\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In the complex network environment, system service is dynamically adjusted according to the changes of user behavior and computing environment. Also, security strategy tends to be more dynamic based on the work flow, which will bring new challenges to the security evaluation of system operation. Therefore, this paper aims to regard the service composition business as research object, focusing on the analysis of security equipment's character that deployed by the system, abstracting the behavior of security service, classifying it to the business service, and systematically solving the security evaluation problems in business operation. Meanwhile, user behavior pattern is established on the cloud-model theory, and fully studied in the premise of ensuring the structural accuracy of work flow. Then, by analyzing the credibility of user behavior, the utility function is defined from the relation between threat and protection, and the security service efficiency identified by the change operation set of security service. Furthermore, a guaranteeing method is raised to the rational reconstruction by a security component, which produces an adequate redundant path of component service according to the existing executive record and logical structure, so as to reach the goal of ensuring the operation security of system business.\",\"PeriodicalId\":312629,\"journal\":{\"name\":\"2015 10th International Conference on Intelligent Systems and Knowledge Engineering (ISKE)\",\"volume\":\"59 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2015 10th International Conference on Intelligent Systems and Knowledge Engineering (ISKE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISKE.2015.71\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 10th International Conference on Intelligent Systems and Knowledge Engineering (ISKE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISKE.2015.71","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Information System's Security Evaluation of Dynamic Behavior Based on Service Composition
In the complex network environment, system service is dynamically adjusted according to the changes of user behavior and computing environment. Also, security strategy tends to be more dynamic based on the work flow, which will bring new challenges to the security evaluation of system operation. Therefore, this paper aims to regard the service composition business as research object, focusing on the analysis of security equipment's character that deployed by the system, abstracting the behavior of security service, classifying it to the business service, and systematically solving the security evaluation problems in business operation. Meanwhile, user behavior pattern is established on the cloud-model theory, and fully studied in the premise of ensuring the structural accuracy of work flow. Then, by analyzing the credibility of user behavior, the utility function is defined from the relation between threat and protection, and the security service efficiency identified by the change operation set of security service. Furthermore, a guaranteeing method is raised to the rational reconstruction by a security component, which produces an adequate redundant path of component service according to the existing executive record and logical structure, so as to reach the goal of ensuring the operation security of system business.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
