CAJ | 학술논문

策略编写和表示是策略研究的基础.当前策略编写多直接面向设备和技术,过于依赖管理员的知识和经验,而忽视了应用环境对策略制定的要求和影响,造成策略编写不完备、易出错.为解决这一问题,设计了分层网络安全系统模型,提出从系统建模的角度讨论策略生成和表示,使得策略制定不再局限于单台设备或某种安全功能,而是建立在了解整个网络系统安全需求的基础上,一定程度上实现了策略的自动生成,保证了策略制定的正确性和完整性,降低了管理员负担,减小了出错的可能.然后通过提炼策略基本属性,设计了基于网络安全系统模型的多层安全策略表示方法,并采用BNF范式描述了策略语法规范,策略表示更加友好.操作性更强.
책략편사화표시시책략연구적기출.당전책략편사다직접면향설비화기술,과우의뢰관리원적지식화경험,이홀시료응용배경대책략제정적요구화영향,조성책략편사불완비、역출착.위해결저일문제,설계료분층망락안전계통모형,제출종계통건모적각도토론책략생성화표시,사득책략제정불재국한우단태설비혹모충안전공능,이시건립재료해정개망락계통안전수구적기출상,일정정도상실현료책략적자동생성,보증료책략제정적정학성화완정성,강저료관리원부담,감소료출착적가능.연후통과제련책략기본속성,설계료기우망락안전계통모형적다층안전책략표시방법,병채용BNF범식묘술료책략어법규범,책략표시경가우호.조작성경강.
Policy establishment and representation is the base of the policy research.Nowadays,device and technology oriented policy making excessively depends on the knowledge and the experiences, but ignores the requirement and the effect of the application environment.So the policy making is no integrity and liable to make a mistake.To solve the problem,hierarchy network security system model is designed,and the policy making and representation is proposed based on the system modeling,which make the policy making is not limited by the single device and the only one security function.Upon the method,the policy auto making is implemented to some degree and the correctness and the integrity are insured, which decrease the burden of the manager,and the possibilities of the mistaking.According to the refinement of the policy basic attributes,Multi -level policy representation method based on requirement-driven network system model is promoted.Using the BNF normal form to describe the policy grammar specification, policy representation is friendlier and more operable.