大规模分布式系统实体交互脆弱性分析方法-计算机工程与应用.PDFVIP

98 2011 ，47 （18） Computer Engineering and Applications 计算机工程与应用 大规模分布式系统实体交互脆弱性分析方法 1，2 2 2 1 赵 刚 ，赵金晶 ，况晓辉 ，郑纬民 1，2 2 2 1 ZHAO Gang ，ZHAO Jinjing ，KUANG Xiaohui ，ZHENG Weimin 1.清华大学 计算机科学与技术系，北京 100084 2.北京系统工程研究所，北京 100101 1.Department of Computer Science and Technology ，Tsinghua University ，Beijing 100084，China 2.Beijing Institute of System Engineering ，Beijing 100101，China ZHAO Gang ，ZHAO Jinjing ，KUANG Xiaohui ，et al.Analysis on entity interaction vulnerability in large-scale distributed system.Computer Engineering and Applications ，2011 ，47 （18）：98-102. Abstract ：Due to the resource distributing ，user distributing ，computing distributing and management distributing in Large-scale Distributed System （LDS ），the frequent interaction between entities becomes the foundation for the implementation of its ba- sic operation and security mechanism.An analysis model named as LDS-IVA on Interaction Vulnerability Analysis is presented ， which is aimed at the analysis of entity interaction vulnerabilities resulting from the lack of security mechanism.LDS-IVA builds the entity interaction model ，designs the general interaction security mechanism description language IS-LAN ，takes the key resources in LDS as the objects for analyzing ，and adopts the Finite State Machine （FSM ）technique to analyze and validate the entity interaction vulnerabilities.In this way ，LDS-IVA finds out the bad influence on the resource confidentiality ，integrity and availability caused by the lack of security mechanism ，and thus recognizes the vulnerabilities and attack patterns in LDS. Key words ：Large-scale Distributed System （LDS ）；entity interaction model ；vulnerability analysis ；Finite State Machine （SFM） 摘 要：大规模分布式系统中资源、用户、计算和管理分布化的特点，决定了实体间的频繁交互成为大规模分布式系统完成基本 业务和实现安全机制的基本手段。针对因安全机制缺失而引入的大规模分布式系统交互脆弱性问题，提出了一种大规模分布式 系统实体交互脆弱性