| SPKI/SDSI2.0的安全性分析 |
| |
| 引用本文: | 耿秀华,何永忠.SPKI/SDSI2.0的安全性分析[J].北方交通大学学报,2013(5):23-28. |
| |
| 作者姓名: | 耿秀华 何永忠 |
| |
| 作者单位: | [1]北京信息职业技术学院软件工程系,北京100018 [2]北京交通大学计算机与信息技术学院,北京100044 |
| |
| 基金项目: | 教育部高校创新团队资助项目(IRT20 1206) |
| |
| 摘 要: | 用标准的Datalog程序表示信任管理系统SPK I/SDSI2.0的系统状态,以Datalog程序的最小Herbrand模型作为它的语义,定义了信任管理系统SPKI/SDSI2.0的安全分析模型,制定了状态转换的限制规则,该限制规则是可实现的,在此基础上对SPKI/SDSI2.0的权限泄露问题进行了全面的分析,证明了该问题是在多项式时间内可判定的;证明了一个状态对于权限r是否可靠依赖且仅依赖于关于权限r的可信主体集合,并给出了计算可信主体集合的算法.
|
| 关 键 词: | 信任管理 SPKI SDSI2 0 安全性 约束 |
Security analysis in SPKI/SDSI2.0 |
| |
| GENG Xiuhua,HE Yongzhong.Security analysis in SPKI/SDSI2.0[J].Journal of Northern Jiaotong University,2013(5):23-28. |
| |
| Authors: | GENG Xiuhua HE Yongzhong |
| |
| Institution: | 1. Department of Software Engineering, Beijing Information Technology College, Beijing 100018, China; 2. School of Computer and Information Technology, Beijing Jiaotong University, Beijing 100044, China) |
| |
| Abstract: | We get logic programs based on translating each policy statement in trust management system SPKI/SDSI2.0 into corresponding Datalog clauses. The minimal Herbrand model of Data- log program is used as the program's semantics, so the safety analysis model for SPKI/SDSI2.0 is defined and limit rules of state transmission are formulated. The limit rules are realizable. Based on this model, the security properties in SPKI/SDSI2.0 are synthetically analyzed. As a result, simple safety can be resolved in polynomial time. To a specific right r, whether a SPKI/SDSI2.0 system state is reliable relies on and only relies on the set of trusted principals about right r. Moreover, the algorithm which searches all trusted principals to specific right in a given state is also presented. |
| |
| Keywords: | trust management SPKI/SDSI2 0 safety constraint |
| 本文献已被 维普 等数据库收录! |
|
