基于服务的计算系统中的安全度量

2012 Fifth IEEE International Conference on Service-Oriented Computing and Applications (SOCA) Pub Date : 2012-12-17 DOI:10.1109/SOCA.2012.6449459

C. Mu, W. Zeng

{"title":"基于服务的计算系统中的安全度量","authors":"C. Mu, W. Zeng","doi":"10.1109/SOCA.2012.6449459","DOIUrl":null,"url":null,"abstract":"We propose a method for quantitative security analysis of service-based computing systems based on probabilistic and information theoretical approaches. We focus on the pattern of the user's behaviours with the service providers. We build probabilistic models from system observations at various levels of abstraction depending on the confidentiality preserving mechanisms applied by the system. The probabilistic models allow us to quantify a system's observable behaviours under any given security preserving mechanisms. We present a number of measurements on the confidentiality loss of the computing system. We show how such measurement can be used to determine the degree of protection provided by the computing solution.","PeriodicalId":298564,"journal":{"name":"2012 Fifth IEEE International Conference on Service-Oriented Computing and Applications (SOCA)","volume":"26 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-12-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":"{\"title\":\"Security measurement in service-based computing systems\",\"authors\":\"C. Mu, W. Zeng\",\"doi\":\"10.1109/SOCA.2012.6449459\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We propose a method for quantitative security analysis of service-based computing systems based on probabilistic and information theoretical approaches. We focus on the pattern of the user's behaviours with the service providers. We build probabilistic models from system observations at various levels of abstraction depending on the confidentiality preserving mechanisms applied by the system. The probabilistic models allow us to quantify a system's observable behaviours under any given security preserving mechanisms. We present a number of measurements on the confidentiality loss of the computing system. We show how such measurement can be used to determine the degree of protection provided by the computing solution.\",\"PeriodicalId\":298564,\"journal\":{\"name\":\"2012 Fifth IEEE International Conference on Service-Oriented Computing and Applications (SOCA)\",\"volume\":\"26 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-12-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2012 Fifth IEEE International Conference on Service-Oriented Computing and Applications (SOCA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SOCA.2012.6449459\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 Fifth IEEE International Conference on Service-Oriented Computing and Applications (SOCA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SOCA.2012.6449459","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

摘要

我们提出了一种基于概率和信息理论方法的基于服务的计算系统的定量安全分析方法。我们关注用户与服务提供商之间的行为模式。我们根据系统应用的保密机制，从不同抽象层次的系统观察中构建概率模型。概率模型允许我们在任何给定的安全保护机制下量化系统的可观察行为。我们提出了一些测量计算系统的机密性损失。我们将展示如何使用此类测量来确定计算解决方案提供的保护程度。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Security measurement in service-based computing systems

We propose a method for quantitative security analysis of service-based computing systems based on probabilistic and information theoretical approaches. We focus on the pattern of the user's behaviours with the service providers. We build probabilistic models from system observations at various levels of abstraction depending on the confidentiality preserving mechanisms applied by the system. The probabilistic models allow us to quantify a system's observable behaviours under any given security preserving mechanisms. We present a number of measurements on the confidentiality loss of the computing system. We show how such measurement can be used to determine the degree of protection provided by the computing solution.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2012 Fifth IEEE International Conference on Service-Oriented Computing and Applications (SOCA)

自引率

0.00%

发文量