Research on a Computer Network Security Defense System Based on Business Processes (基于业务流程的计算机网络安全防御体系研究)
Abstract
Since 2003 the finance and securities industry has carried out large-scale centralized computer network construction and business process reengineering and has fully entered the era of "large-scale data concentration". Security risk has become prominent, and a security incident now causes greater economic loss and reputational damage than before. At the same time, the opportunities for malicious intrusion into the network keep growing, and unavoidable faults in the network itself expose the business to interruption through data loss, host crashes, transmission breaks and network outages; the risk increases daily. Higher requirements are therefore placed on the reliability and continuity of business processes (BP).
     The traditional defense system, composed of network antivirus, intrusion detection (IDS) and vulnerability scanning systems, rests mainly on passive strategies: it defends by accumulating threat signatures and by training (machine learning), and it does not harden the enterprise at its sources, namely the business process, the operating system and the computer host. Such a defense system cannot adequately strengthen the security of the business process. Drawing on the principle of immunology and the notions of "self" and "non-self", this dissertation proposes a security defense concept that strengthens the system's own immunity: protect self, reject non-self. A "meta-net" (MN) method proposed here serves as the abstract description of, and the structural design basis for, concrete business-process networks; with it the office-automation (OA) network, the trading network, the disaster-recovery network and the peripheral networks are planned and designed. By protecting the key network devices, hosts, business application programs and the communication connections between them, the goals of reliable and continuous business operation are reached, and a complete network security system based on business processes (Network Security System on Business Process, BPNSS) is formed. BPNSS has two parts: the security design of the business-process network, based on the meta-net, and a software system.
     Starting from the self-protection concept and combining it with the traditional PPDR security model (Protection, Prevention, Detection, Response), the dissertation constructs a new dynamic immune security model, MPR-RPDRR (Management Policy/Risk Analysis, Request/Protection, Detection, Response, Restore), gives its formal description, and uses it as the theoretical guide for the functional design of the BPNSS software system. From the division into security trust domains described in MPR-RPDRR, the concept of the meta-net is proposed and described formally, and its design rules are discussed. The rules confirm, from theory, the practice of separating the office network from the business network in real network architectures and give a theoretical basis for the BPNSS business-network design; further networks can be designed from the meta-net according to the significance of each business process.
     The BPNSS software system consists of six parts: a process interception module (verifies program integrity and authenticates a program before it executes), a process protection module (verifies the legitimacy of running processes), a packet filtering module (verifies the legitimacy of network connections), a system monitoring module (monitors key network devices, hosts and processes), a system recovery module, and the Security Management Center (SMC). The SMC policy consists mainly of the self program signatures, self process protection codes, packet filtering rules, monitored-object definitions and system recovery rules. Administrators define the policy themselves from the actual business process: self-protection needs no training or learning, only a one-time definition of the entities the business process involves, so management is simple and maintenance is cheap. Each function is implemented as an Agent, and each Agent keeps its own policy store, synchronized with the SMC, to reduce network traffic. Messaging and cooperation between the SMC and the functional modules use a custom UDP-based protocol, SUDP, which, compared with TCP, traverses NAT well, is fast, supports security control, and adjusts its sending rate dynamically from the packet loss rate and the link speed.
     Throughout, on the basis of the self-protection concept, the dissertation describes BPNSS formally with the Z notation and Petri net modelling, gives a network architecture design based on the meta-net method, and implements the process interception, process protection, packet filtering and system monitoring/recovery modules with Agent technology. Practical deployment shows that, within an enterprise internal network, BPNSS remedies the deficiencies of the traditional defense system, effectively protects the security of business processes, and ensures their reliability and continuity.
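As an added example (not the dissertation's code), the following Python sketch shows the decision logic of the two enforcement points the abstract describes: the process interception module, which recognises a program as self by the integrity value of its image and rejects everything else, and the packet filtering module, which lets a self program open only the connections listed for it in the SMC policy. The class and function names, the policy layout, the choice of SHA-256 as the integrity value, and the sample policy and events are assumptions made here; the dissertation's Windows driver implementation and its policy encoding are not published on this page.

```python
"""Self/non-self enforcement at the host, in the style of the BPNSS process
interception and packet filtering modules.  Added illustration for this page,
not the dissertation's code: the policy format, the names (SmcPolicy,
FilterRule, ...) and the sample policy and events are assumptions."""
import hashlib
import ipaddress
from dataclasses import dataclass, field


@dataclass(frozen=True)
class FilterRule:
    """One packet-filter rule: which self program may open which connection."""
    program: str        # logical name of a self program, e.g. "trade-client"
    dst_net: str        # allowed destination network, CIDR notation
    dst_port: int
    proto: str          # "tcp" or "udp"


@dataclass
class SmcPolicy:
    """The part of the SMC policy these two modules consume.

    self_programs maps the SHA-256 digest of an authorised program image to its
    logical name.  The administrator defines it once from the business process;
    there is no training phase.  Anything not listed is non-self."""
    self_programs: dict[str, str]
    rules: list[FilterRule] = field(default_factory=list)


def image_digest(image: bytes) -> str:
    """Integrity value used to recognise a program image: any change to the
    image changes the digest and turns a self program into non-self."""
    return hashlib.sha256(image).hexdigest()


def intercept_process(policy: SmcPolicy, image: bytes) -> tuple[bool, str]:
    """Process interception: decide before execution whether an image may run.
    Returns (allowed, detail); detail is the program name when allowed and the
    denial reason otherwise."""
    digest = image_digest(image)
    name = policy.self_programs.get(digest)
    if name is None:
        return False, f"non-self image sha256:{digest[:16]}... rejected"
    return True, name


def filter_connection(policy: SmcPolicy, program: str, dst_ip: str,
                      dst_port: int, proto: str) -> bool:
    """Packet filtering, default deny: a connection is legitimate only when a
    rule grants it to this self program for this destination and protocol."""
    ip = ipaddress.ip_address(dst_ip)
    for rule in policy.rules:
        if (rule.program == program and rule.proto == proto.lower()
                and rule.dst_port == dst_port
                and ip in ipaddress.ip_network(rule.dst_net)):
            return True
    return False


# Constructed sample policy: two short byte strings stand in for real binaries.
TRADE_CLIENT = b"\x7fELF trade-client v2.1"   # constructed image bytes
OA_MAIL = b"MZ oa-mail-agent v1.0"           # constructed image bytes

POLICY = SmcPolicy(
    self_programs={
        image_digest(TRADE_CLIENT): "trade-client",
        image_digest(OA_MAIL): "oa-mail",
    },
    rules=[
        FilterRule("trade-client", "10.1.0.0/16", 8443, "tcp"),  # trading network
        FilterRule("oa-mail", "10.2.0.0/16", 25, "tcp"),         # OA network
    ],
)


def evaluate(policy: SmcPolicy, events: list[dict]) -> list[str]:
    """Run constructed host events through both modules; one decision per event."""
    decisions = []
    for ev in events:
        if ev["kind"] == "exec":
            ok, detail = intercept_process(policy, ev["image"])
            decisions.append(f"exec {'ALLOW' if ok else 'DENY'} {detail}")
        elif ev["kind"] == "connect":
            ok = filter_connection(policy, ev["program"], ev["dst_ip"],
                                   ev["dst_port"], ev["proto"])
            decisions.append(f"connect {'ALLOW' if ok else 'DENY'} {ev['program']}"
                             f" -> {ev['dst_ip']}:{ev['dst_port']}/{ev['proto']}")
    return decisions


if __name__ == "__main__":
    sample = [
        {"kind": "exec", "image": TRADE_CLIENT},
        {"kind": "exec", "image": TRADE_CLIENT + b"\x90"},        # tampered copy
        {"kind": "connect", "program": "trade-client", "dst_ip": "10.1.20.5",
         "dst_port": 8443, "proto": "tcp"},
        {"kind": "connect", "program": "trade-client", "dst_ip": "10.2.0.9",
         "dst_port": 25, "proto": "tcp"},                           # crosses into OA
    ]
    for line in evaluate(POLICY, sample):
        print(line)
```

Two practical points follow from the abstract's own design. The digest identifies the image only at load time; a process that is subverted after it starts (injected code, a hijacked thread) still carries the self name, which is why the dissertation pairs interception with a separate process protection module. And because every legitimate software update changes the digest, the "one-time definition" of the self set has to be repeated on each release, so the SMC policy needs a controlled update path of its own.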
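The abstract states that SUDP, the UDP-based protocol between the SMC and its Agents, supports security control and adapts its sending rate to packet loss, but gives no message format. The added example below (written for this page, not the dissertation's protocol) shows one way those two properties can be realised over UDP: each datagram carries a type, a sequence number and a body authenticated by an HMAC-SHA256 tag under a key shared between the SMC and one Agent, the receiver refuses forged and replayed datagrams, and a pacing function widens or narrows the send interval from the acknowledged fraction. The header layout, the message types, the loss thresholds and the pre-shared key are assumptions of the example.

```python
"""Authenticated datagrams with replay protection and loss-driven pacing, in
the spirit of the SUDP properties named in the abstract.  Added illustration;
the wire format, thresholds and key handling are assumptions, not SUDP."""
import hashlib
import hmac
import struct

HEADER = struct.Struct("!BIH")   # msg type (1 byte), sequence (4), body length (2)
TAG_LEN = hashlib.sha256().digest_size

MSG_POLICY_SYNC = 1              # SMC -> Agent: policy store update
MSG_ALERT = 2                    # Agent -> SMC: detection report
MSG_ACK = 3                      # either direction: acknowledgement


def pack(key: bytes, msg_type: int, seq: int, body: bytes) -> bytes:
    """Build one datagram: header || body || HMAC(key, header || body)."""
    header = HEADER.pack(msg_type, seq, len(body))
    tag = hmac.new(key, header + body, hashlib.sha256).digest()
    return header + body + tag


class Receiver:
    """Verifies the tag, then rejects any sequence number already seen."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def unpack(self, datagram: bytes) -> tuple[int, int, bytes]:
        if len(datagram) < HEADER.size + TAG_LEN:
            raise ValueError("datagram too short")
        signed, tag = datagram[:-TAG_LEN], datagram[-TAG_LEN:]
        expected = hmac.new(self.key, signed, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise ValueError("bad tag")               # forged or corrupted
        msg_type, seq, length = HEADER.unpack(signed[:HEADER.size])
        body = signed[HEADER.size:]
        if len(body) != length:
            raise ValueError("length mismatch")
        if seq <= self.last_seq:
            raise ValueError(f"replayed seq {seq}")   # replay / old datagram
        self.last_seq = seq
        return msg_type, seq, body


def next_interval(interval_ms: float, sent: int, acked: int,
                  lo: float = 0.02, hi: float = 0.10,
                  floor_ms: float = 5.0, ceiling_ms: float = 1000.0) -> float:
    """Rate control: back off multiplicatively when loss is high, speed up
    gently when it is low, hold in between.  Thresholds are assumed."""
    if sent == 0:
        return interval_ms
    loss = (sent - acked) / sent
    if loss > hi:
        interval_ms *= 2.0
    elif loss < lo:
        interval_ms *= 0.9
    return min(max(interval_ms, floor_ms), ceiling_ms)


def demo() -> dict:
    """Constructed exchange: the SMC pushes a policy sync, the Agent acks, then
    an attacker replays the sync and tampers with a second one."""
    key = b"constructed-shared-key-for-demo"   # assumption: one key per Agent
    agent, smc = Receiver(key), Receiver(key)
    results = {}

    sync = pack(key, MSG_POLICY_SYNC, 1, b'{"rules":2}')
    results["sync"] = agent.unpack(sync)
    results["ack"] = smc.unpack(pack(key, MSG_ACK, 1, b"1"))

    try:
        agent.unpack(sync)                         # replay of seq 1
        results["replay"] = "accepted"
    except ValueError as e:
        results["replay"] = str(e)

    forged = bytearray(pack(key, MSG_POLICY_SYNC, 2, b'{"rules":0}'))
    forged[HEADER.size] ^= 0x01                    # flip one body bit
    try:
        agent.unpack(bytes(forged))
        results["tamper"] = "accepted"
    except ValueError as e:
        results["tamper"] = str(e)

    results["pacing"] = [next_interval(50.0, 100, 100),   # 0% loss: faster
                         next_interval(50.0, 100, 95),    # 5%: hold
                         next_interval(50.0, 100, 80)]    # 20%: back off
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The tag covers the header as well as the body, so neither the message type nor the sequence number can be altered without the key. The replay check only holds while the receiver remembers last_seq: an Agent that restarts with last_seq reset must either persist the counter or re-key with the SMC before accepting traffic, otherwise a recorded policy sync can be replayed into it. The NAT-traversal and speed advantages the abstract claims for SUDP over TCP are not demonstrated here.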
References
[1] British Standards Institution. Information security management systems. Specification with guidance for use. BS 7799-2:2005
[2] 吴煜煌, 汪军, 阚君蛮, et al. Network and Information Security Course (网络与信息安全教程). Beijing: China Water & Power Press, 2006
[3] Roy Campbell, Tin Qian. Dynamic Agent-based Security Architecture for Mobile Computers. PDCN'98, Australia, 1998
[4] Son T. Vuong, Peng Fu. A Security Architecture and Design for Mobile Intelligent Agent Systems. ACM SIGAPP Applied Computing Review, 2001, 9(1): 21-30
[5] Ashutosh Jaiswal, Yongdae Kim, Maria Gini. Security Model for a Multi-Agent Marketplace. ICEC 2003, Pittsburgh, PA, 2003
[6] Chelliah Thirunavukkarasu, T. Finin, J. Mayfield. Secret Agents: A Security Architecture for the KQML Agent Communication Language. CIKM, Dec. 1995
[7] Jieh-Sheng Lee, Jieh Hsiang, Po-Hao Tsang. A generic virus detection Agent on the Internet. Proceedings of the Thirtieth Hawaii International Conference on System Sciences, 1997, Vol. 4: 210-219
[8] Balasubramaniyan J.S., Garcia-Fernandez J.O., Isacoff D., et al. An architecture for intrusion detection using autonomous Agents. Proceedings of the 14th Annual Computer Security Applications Conference, 7-11 Dec. 1998: 13-24
[9] Crosbie M., Spafford E.H. Defending a computer system using autonomous Agents. Proceedings of the 18th National Information Systems Security Conference, Baltimore, MD, Oct. 1995: 549-558
[10] Balasubramaniyan J.S., Garcia-Fernandez J.O., Isacoff D., et al. An Architecture for Intrusion Detection using Autonomous Agents. COAST Technical Report 98-05, Purdue University, West Lafayette, 1998
[11] Charles Ling-yu Chou, Timon Du, Vincent S. Lai. Continuous auditing with a multi-Agent system. Decision Support Systems, 2007, 42(4): 2274-2292
[12] Michalas A., Kotsilieris T., Kalogeropoulos S., et al. Enhancing the performance of mobile Agent based network management applications. Proceedings of the 6th IEEE Symposium on Computers and Communications, 3-5 July 2001: 432-437
[13] Satoh I. A framework for building reusable mobile Agents for network management. Network Operations and Management Symposium (NOMS 2002), 15-19 April 2002: 51-64
[14] K. Matsubayashi, M. Tokoro. A Collaboration Mechanism on Positive Interactions in Multi-Agent Environments. IJCAI'93, August 1993: 346-351
[15] G. Cornuejols, G. Nemhauser, L. Wolsey. The Uncapacitated Facility Location Problem. Carnegie-Mellon University, Management Science Research Report No. 493, 1983
[16] M. Tokoro. Computational Field Model: Toward a New Computing Model/Methodology for Open Distributed Environment. Proceedings of the 2nd IEEE Workshop on Future Trends in Distributed Computing Systems, Sept. 1990
[17] E. Osawa. A Scheme for Agent Collaboration in Open Multiagent Environment. Proceedings of IJCAI'93, August 1993: 352-358
[18] Hofmeyr S.A., Forrest S. Architecture for an Artificial Immune System. Evolutionary Computation, 2000, 8(4): 443-473
[19] Leandro N. de Castro, Jonathan Timmis. Artificial Immune Systems: A New Computational Intelligence Approach. London: Springer-Verlag, September 2002
[20] Hofmeyr S.A., Forrest S. Immunity by Design: An Artificial Immune System. Proceedings of GECCO'99, Orlando, Florida, USA, 1999
[21] Jerne N.K. Towards a Network Theory of the Immune System. Annales d'Immunologie (Institut Pasteur), 1974, 125C(1-2): 373-389
[22] D. Dasgupta. Immune-based intrusion detection system: a general framework. Proceedings of the 22nd National Information Systems Security Conference (NISSC), Virginia, USA, 1999
[23] Edward S. Golub. Network theory and the immune system. Cambridge University Press, Vol. 8, Issue 1, Feb. 2005
[24] Forrest S., Hofmeyr S.A., Somayaji A. Computer Immunology. Communications of the ACM, 1997, 40(10): 88-96
[25] 李涛. Computer Immunology (计算机免疫学). Beijing: Publishing House of Electronics Industry, 2004
[26] Seiden P.E., Celada F. A model for simulating cognate recognition and response in the immune system. Journal of Theoretical Biology, 1992, 158(3): 329-357
[27] Kumar S., Spafford E.H. A Pattern Matching Model for Misuse Intrusion Detection. Proceedings of the 17th National Computer Security Conference, October 1994: 11-21
[28] 林闯. Stochastic Petri Nets and System Performance Evaluation (随机Petri网和系统性能评价). Beijing: Tsinghua University Press, 2000
[29] 袁崇义. Principles and Applications of Petri Nets (Petri网原理与应用). Beijing: Publishing House of Electronics Industry, 2005
[30] 周剑岚. Research and Implementation of an Agent-based Intranet Security System (基于Agent的内部网络安全系统研究及实现) [PhD dissertation]. Huazhong University of Science and Technology Library, 2006
[31] J.M. Spivey. The Z Notation: A Reference Manual (Second Edition). Oxford: Oriel College, 1998
[32] 缪淮扣, 李刚, 朱关铭, et al. Software Engineering Language Z (软件工程语言-Z). Shanghai: Shanghai Scientific and Technological Literature Press, 1999
[33] 吴增基. Modern Sociology (现代社会学). Shanghai: Shanghai People's Publishing House, 2005
[34] Walter Oney. Programming the Microsoft Windows Driver Model, Second Edition. Microsoft Press, 2002
[35] Chang Y.L., Chen S., et al. Workflow Process Definition and their Applications in e-Commerce. International Symposium on Multimedia Software Engineering, 2000: 193-200
[36] I. Nassi, B. Shneiderman. Flowchart techniques for structured programming. ACM SIGPLAN Notices, 1973, 8(8): 12-26
[37] Moore M.J., Sheffield J.R. A PDL synthesizer for real-time systems. Proceedings of the IEEE 1989 National Aerospace and Electronics Conference (NAECON 1989), 22-26 May 1989, Vol. 2: 515-520
[38] Kim C.H., Weston R.H. The complementary use of IDEF and UML modelling approaches. Computers in Industry, 2003, 50: 35-56
[39] Yang Musheng, Zhang Yu. Intelligent Integrated Method of EPC and SPC in Manufacturing Process Quality Control. IEEE International Conference on Control and Automation (ICCA 2007), 2007: 1812-1816
[40] Ari Juels. Strengthening EPC tags against cloning. Proceedings of the ACM Workshop on Wireless Security (WiSe 2005), 2005: 67-76
[41] W.M.P. van der Aalst. Three Good Reasons for Using a Petri-net-based Workflow Management System. In: S. Navathe, T. Wakayama (eds.), Proceedings of the International Working Conference on Information and Process Integration in Enterprises (IPIC'96), Cambridge, Massachusetts, Nov. 1996: 179-201
[42] W.M.P. van der Aalst, A.H.M. ter Hofstede, B. Kiepuszewski, A.P. Barros. Workflow Patterns. QUT Technical Report FIT-TR-2002-02, Queensland University of Technology, Brisbane, 2002
[43] W.M.P. van der Aalst, A.H.M. ter Hofstede. Workflow Patterns: On the Expressive Power of (Petri-net-based) Workflow Languages. In: K. Jensen (ed.), Proceedings of the Fourth Workshop on the Practical Use of Coloured Petri Nets and CPN Tools (CPN 2002), DAIMI Vol. 560, University of Aarhus, Aarhus, Denmark, August 2002: 1-20
[44] W.M.P. van der Aalst, A.H.M. ter Hofstede. YAWL: Yet Another Workflow Language. QUT Technical Report FIT-TR-2002-06, Queensland University of Technology, Brisbane, 2002
[45] W.M.P. van der Aalst, B.F. van Dongen, J. Herbst, L. Maruster, G. Schimm, A.J.M.M. Weijters. Workflow Mining: A Survey of Issues and Approaches. Data and Knowledge Engineering, 2003, 47(2): 237-267
[46] T. Murata. Petri nets: Properties, analysis and applications. Proceedings of the IEEE, 1989, 77(4): 541-580
[47] Ching-Huey Wang, Feng-Jian Wang. An Object-Oriented Modular Petri Nets for Modeling Service Oriented Applications. 31st Annual International Computer Software and Applications Conference (COMPSAC 2007), 24-27 July 2007, Vol. 2: 479-486
[48] S. Forrest, A.S. Perelson, L. Allen, R. Cherukuri. Self-Nonself Discrimination in a Computer. Proceedings of the IEEE Symposium on Research in Security and Privacy, Oakland, May 1994: 202-212
[49] Winn Schwartau. Time Based Security. Interpact Press, Feb. 1999
[50] 何炎祥, 陈莘萌. Design and Application of Agents and Multi-Agent Systems (Agent和多Agent系统的设计和应用). Wuhan: Wuhan University Press, 2001
[51] Wooldridge M., Jennings N.R. Intelligent Agents: Theory and Practice. Knowledge Engineering Review, 1995, 10(2): 115-152
[52] Wooldridge M., Jennings N.R. Intelligent Agents: Theory and Practice. Knowledge Engineering Review, 1995, 10(2): 115-152
[53] 史忠植. Intelligent Agents and Their Applications (智能主体及其应用). Beijing: Science Press, 2000
[54] 何炎祥, 杜卓敏. Research on multi-Agent cooperation strategies in MADCE (MADCE中的多Agent协作策略研究). Journal of Wuhan University (Natural Science Edition), 2001, 47(1): 42-46
[55] 张正秋. Core Programming for Windows Application Bundling (Windows应用程序捆绑核心编程). Beijing: Tsinghua University Press, 2006
[56] Kephart J.O. A biologically inspired immune system for computers. Proceedings of the Fourth International Workshop on the Synthesis and Simulation of Living Systems (Artificial Life IV), MIT Press, 1994: 130-139
[57] 刘克龙, 蒙杨. A new method of realizing network security: the gene computer (一种新型的网络安全实现方法-基因计算机). Chinese Journal of Computers, 2000, 23(3): 324-329
[58] Okamoto T., Ishida Y. A distributed approach against computer viruses inspired by the immune system. IEICE Transactions on Communications, 2000, E83-B(5): 908-915
[59] Marmelstein R.E., Van Veldhuizen D.A., Lamont G.B. A distributed architecture for an adaptive computer virus immune system. Proceedings of the IEEE International Conference on Systems, Man and Cybernetics, 1998, 4: 3838-3843
[60] Kim J., Bentley P. An evaluation of negative selection in an artificial immune system for network intrusion detection. Proceedings of the Genetic and Evolutionary Computation Conference (GECCO-2001), San Francisco, California, USA, 2001: 1330-1337
[61] Barrantes E.G., Ackley D.H., Forrest S., et al. Randomized instruction set emulation to disrupt binary code injection attacks. Proceedings of the 10th ACM Conference on Computer and Communications Security (CCS 2003), 2003: 281-289
[62] Biba K.J. Integrity considerations for secure computer systems. Technical Report ESD-TR-76-372, USAF Electronic Systems Division, Bedford, Massachusetts, USA, 1977
[63] Trusted Computing Group. TPM Main Specification Part 1: Design Principles, version 1.2, October 2003. https://www.trustedcomputinggroup.org
[64] 黄强, 沈昌祥. A unified security policy for confidentiality and integrity based on trusted computing (基于可信计算的保密和完整性统一安全策略). Computer Engineering and Applications, 2006, 42(10): 15-18
[65] Cohen F. Computer viruses: theory and experiments. Computers & Security, 1987, 6(1): 22-35
[66] 陈泽茂, 沈昌祥. Research on interpreted viruses and their defense strategies (解释型病毒及其防御策略研究). Computer Engineering and Applications, 2004, 40(19): 29-32
[67] Frederick P. Brooks, Jr. The Mythical Man-Month: Essays on Software Engineering, Anniversary Edition (2nd Edition). Addison-Wesley, 2002
[68] Ian Sommerville. Software Engineering (Update), 8th Edition. Pearson Education Limited, 2007
[69] 唐超. Research and Development of Application-Oriented Software Agent Systems (面向应用需求的软件Agent系统研究与开发) [PhD dissertation]. Huazhong University of Science and Technology Library, 2002
[70] Lin Xiao-dong, Yang Yi-xian, Ma Yan. Design and implementation of Internet firewall. Journal of China Institute of Communications, 1998, 19(1): 66-69 (in Chinese)
[71] Jiang Tao, Liu Ji-ren. Design and implementation of a kind of virtual private network. Journal of Northeastern University, 2000, 21(2): 136-139 (in Chinese)
[72] 朱雁辉. Windows Firewalls and Network Packet Interception Techniques (Windows防火墙与网络数据包截获技术). Beijing: Publishing House of Electronics Industry, 2000
[73] W. Richard Stevens. TCP/IP Illustrated, Volume 1: The Protocols. Addison-Wesley Professional, 1994
[74] Gary R. Wright, W. Richard Stevens. TCP/IP Illustrated, Volume 2: The Implementation. Addison-Wesley Professional, 1995
[75] W. Richard Stevens. TCP/IP Illustrated, Volume 3: TCP for Transactions, HTTP, NNTP, and the UNIX Domain Protocols. Addison-Wesley Professional, 1996
[76] Gary Nebbett. Windows NT/2000 Native API Reference. Pearson Education, 2000
[77] Wenbo Mao. Modern Cryptography: Theory and Practice (现代密码学理论与实践). Translated by 王继林, 伍前红. Beijing: Publishing House of Electronics Industry, 2004
[78] National Bureau of Standards. Data Encryption Standard. FIPS Publication 46, U.S. Department of Commerce, Washington, D.C., 1977
[79] W. Diffie, M. Hellman. New Directions in Cryptography. IEEE Transactions on Information Theory, 1976, 22(6): 644-654
[80] Kephart J.O. A Biologically Inspired Immune System for Computers. Proceedings of the 4th International Workshop on the Synthesis and Simulation of Living Systems, MIT Press, 1994: 130-139
[81] R.L. Rivest, A. Shamir, L.M. Adleman. A Method for Obtaining Digital Signatures and Public-Key Cryptosystems. Communications of the ACM, 1978, 21(2): 120-126
[82] S.E. Lander. Issues in multiagent systems. IEEE Expert, April 1997: 18-26
[83] Finin T., Weber J., et al. Draft Specification of the KQML Agent-Communication Language. June 15, 1993
[84] Chelliah Thirunavukkarasu, Tim Finin, James Mayfield. Secret Agents: A Security Architecture for the KQML Agent Communication Language. Draft submitted to the CIKM'95 Intelligent Information Agents Workshop, Baltimore, December 1995
[85] Wong H.C., Sycara K. Adding security and trust to multi-Agent systems. Proceedings of the Autonomous Agents'99 Workshop on Deception, Fraud and Trust in Agent Societies, 1999: 146-161
[86] 郭瑞景, 苏敏, 陶先平. A KQML-based secure communication model for Agents (基于KQML的Agent安全通信模型). Journal of Chinese Computer Systems, 2001, 22(10): 1192-1195
[87] Manvi S.S., Venkataram P. Applications of Agent technology in communications: a review. Computer Communications, 2004, 27(15): 1493-1508
[88] 张维明. Intelligent Collaborative Information Technology (智能协作信息技术). Beijing: Publishing House of Electronics Industry, 2002
[89] Jiang Y.C., Xia Z.Y., Zhong Y.P., Zhang S.Y. An adaptive adjusting mechanism for Agent distributed blackboard architecture. Microprocessors and Microsystems, 2005, 29(1): 9-20
[90] B. Schneier. Applied Cryptography, 2nd Edition. New York, NY: John Wiley & Sons, 1996
[91] R.E. Lennon, S.M. Matyas, C.H. Meyer. Cryptographic authentication of time-invariant quantities. IEEE Transactions on Communications, 1981, 29(6): 773-777
[92] A. Evans, W. Kantrowitz, E. Weiss. A user authentication scheme not requiring secrecy in the computer. Communications of the ACM, 1974, 17(8): 437-442
[93] R. Morris, K. Thompson. Password security: A case history. UNIX Programmer's Manual, Seventh Edition, Vol. 2B, 1979
[94] G. Ruggeri, A. Iera, S. Polito. 802.11-Based Wireless-LAN and UMTS interworking: requirements, proposed solutions and open issues. Computer Networks, 2005, 47(2): 151-166
[95] IEEE Std 802.1X-2001. IEEE Standard for Local and Metropolitan Area Networks: Port-Based Network Access Control. Approved 14 June 2001 by the IEEE-SA Standards Board; approved 25 October 2001 by the American National Standards Institute
[96] M. Walker. On the security of 3GPP networks. In: Advances in Cryptology, Eurocrypt 2000, Springer, Berlin, 2000: 102-103
[97] W. Simpson (ed.). The Point-to-Point Protocol (PPP). STD 51, RFC 1661, July 1994
[98] W. Simpson. PPP Challenge Handshake Authentication Protocol (CHAP). RFC 1994, August 1996
[99] D. Otway, O. Rees. Efficient and Timely Mutual Authentication. Operating Systems Review, 1987, 21(1): 8-10
[100] R. Needham, M. Schroeder. Using Encryption for Authentication in Large Networks of Computers. Communications of the ACM, 1978, 21(12): 993-999
[101] D. Denning, G. Sacco. Timestamps in Key Distribution Protocols. Communications of the ACM, 1981, 24(8): 533-536
