Title :
Security evaluation model of the information system based on the security characteristic measure for the key
Author :
Qingyu, Ou ; Dawei, Zhou
Author_Institution :
Dept. of Inf. Security, Naval Univ. of Eng., Wuhan, China
Abstract :
In the current information system, cryptography technology is widely applied to protect the sensitive information, so the amount of the used key is large and its correlation is complex. To evaluate the security state of the pivotal area and element of the system, a security evaluation scheme for the key based on the security characteristic measure is proposed in this paper. By the means of formalization, the model of the key in the system is constructed, and the security condition of the key is analyzed. In addition, to reflect the layer and the change of the security property for the key, the security state of all sorts of keys are measured objectively by integrating the security level and the probability of uncontrollability. The experiment shows that, the category, layer and updating frequency of the key can be considered, so the security of the key can be estimated objectively and reliably to achieve the security of the information system.
Keywords :
cryptography; information systems; probability; cryptography technology; information system; security characteristic measure; security evaluation scheme; uncontrollability probability; Authorization; Cryptography; World Wide Web; information system; key; security estimation; security feature measure; security level;
Conference_Titel :
Computer, Mechatronics, Control and Electronic Engineering (CMCE), 2010 International Conference on
Conference_Location :
Changchun
Print_ISBN :
978-1-4244-7957-3
DOI :
10.1109/CMCE.2010.5610349
