Decomposition and modeling method of safety target and related equipment

Abstract

The present application discloses a security target decomposition and modeling method and related equipment, which are used to improve the accuracy of the security target decomposition and improve the reliability of the formal verification of the security target. The method of the present application includes: according to at least one of the unified modeling language sequence diagram and the state diagram of the security policy, obtaining N-type entity information of the security policy, the N is a positive integer not less than 2, and the entity information is Each process of the security policy and at least one of the channels between processes, data and activity flow; determine the verifiability of each type of entity information in the N types of entity information according to the verifiable attribute type in the security attribute description library Attributes: generate a mathematical logic formula for each type of entity information according to a mathematical logic formula template and each type of entity information, and the mathematical logic formula template corresponds to the verifiable attributes of each type of entity information.

Description

technical field [0001] The present application relates to the field of computer software, in particular to a method for decomposing and modeling security targets and related equipment. Background technique [0002] The security goal is the technical effect that needs to be achieved in terms of system security. Before software design and development, a security strategy (also known as a security protocol or a security technical solution) is put forward according to the desired security goal, and the security goal is decomposed into individual security attributes, and the security of the security attributes is verified to ensure that the security strategy can be implemented. Achieve safety goals. [0003] Aiming at the security attribute verification of security goals, a formal verification method based on mathematical logic is introduced in the field of software system design to analyze whether the security policy can meet the expected security goals. Security goals are gen...

AI Technical Summary

Problems solved by technology

For the above-mentioned formal verification method based on mathematical logic, it is very important to decompose the safety goal and use mathematical logic formulas to describe it accurately. If the safety goal cannot accurately describe the safety goal described in natural language, then Inaccurate verification results using the above-mentioned formal verification method based on mathematical logic

[0004] In the field of security verification, for the transformation of security goals described in natural language into mathematical logic, it is generally summarized and analyzed based on security policies, and the security attributes corresponding to the security objectives are extracted, so that the obtained security attributes have great randomness. There is no clear correspondence between the goals, and it cannot objectively and accurately describe the security goals described in natural language

Images