Cloud outsourcing service data leakage safety test case automatic generation method based on attack graph

A technology of security testing and outsourcing data, which is applied in the field of cloud computing security and can solve problems such as leak test case automation

Active Publication Date: 2019-07-16
BEIJING UNIV OF TECH
View PDF6 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0008] The present invention intends to solve the problem of automatic generation of test cases in the cloud outsourcing service data leakage security scenario

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Cloud outsourcing service data leakage safety test case automatic generation method based on attack graph
  • Cloud outsourcing service data leakage safety test case automatic generation method based on attack graph
  • Cloud outsourcing service data leakage safety test case automatic generation method based on attack graph

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0090] The present invention will be further described below in conjunction with the accompanying drawings and specific embodiments.

[0091] The present invention mainly uses DCSP to deploy Hadoop distributed data service clusters in OpenStack cloud platform virtual machines as an example to illustrate the execution process of the automatic generation method of cloud outsourcing service data leakage security test cases based on attack graph, but is not limited to deploying distributed data on other cloud platforms. big data service platform. Specific steps are as follows:

[0092] 1. A method for generating data leakage detection indicators in the life cycle of cloud outsourcing data services based on data flow analysis. The specific implementation steps are:

[0093] First of all, analyze the key points of data flow, data location, attacked object and attack role in this scenario, and realize the automatic construction of cloud outsourcing data service data leakage detectio...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a cloud outsourcing service data leakage safety test case automatic generation method based on an attack graph, and the method comprises steps of a data leakage detection indexgeneration method covering a cloud outsourcing data service life cycle based on data flow analysis, automatic construction of an attack graph based on the data leakage attack object attack tree model; automatic generation of an XML security test case based on the attack graph and the XML security test description language; automatic generation of a template-based security test script. The data leakage threat covering the cloud outsourcing data service life cycle is analyzed based on the data flow, and a data leakage safety index system under a cloud platform outsourcing data service scene isautomatically constructed; an attack tree and an attack graph are constructed based on the data leakage attack point attack tree model, and the attack detection efficiency is improved; and an executable safety test case script is automatically generated based on the XML safety test description language.

Description

technical field [0001] The invention relates to a method for generating a security test case, in particular to an attack graph-based automatic generation method for a cloud outsourcing service data leakage security test case, belonging to the field of cloud computing security. Background technique [0002] Elastic computing services provided by cloud computing service providers can provide technical support for the rapid generation and batch analysis of big data, and the combination with big data has become the mainstream of current development. Cloud users can easily and directly choose cloud outsourcing services for data processing. However, the combination of the two also brings new opportunities and challenges to cloud data security. [0003] The current mainstream cloud service providers (Cloud Service Provider, CSP, also known as cloud service provider) mainly provide cloud users (CloudTenant, CT, also known as cloud tenants) with IaaS and PaaS through computing, netwo...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/1408H04L63/1416H04L67/10
Inventor 樊旭东詹静赵勇高雅琪韩瑾
Owner BEIJING UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap