Unlock instant, AI-driven research and patent intelligence for your innovation.

Distributed storage security analysis method

A technology of distributed storage and analysis method, applied in the field of computer network information security, can solve problems such as failure to take into account changes in the state of associated software systems, inability to complete distributed storage system security analysis, and inability to provide security status descriptions, etc.

Inactive Publication Date: 2020-04-10
HARBIN INST OF TECH
View PDF3 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Not only for the physical devices in the storage system, but also for each object in the storage system, a fine-grained security access control evaluation should be provided. The traditional method does not take into account the correlation between the vulnerabilities in the system and the software Changes in system status, so this type of tool cannot complete a complete distributed storage system security analysis, and cannot provide an overall security status description

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Distributed storage security analysis method
  • Distributed storage security analysis method
  • Distributed storage security analysis method

Examples

Experimental program
Comparison scheme
Effect test

specific Embodiment approach

[0043] Specific implementation method: combined Figure 1-Figure 3 Description of this embodiment

[0044] Safe Fault Tree Method

[0045] The fault tree provides a mathematical and graphical representation of the basic event combinations that lead to system failure. It illustrates which combination of events will lead to the observed failure symptoms. It can abstractly and accurately describe the safety requirements of the system without involving its implementation details. , so that security managers can fully and accurately understand the definition of security requirements of the system, and can find loopholes in system security through formal analysis methods;

[0046]The distributed storage system actually disperses data to different servers through the network, and the security attributes of the network and the server are finally described as a security state space SSP, that is, SSP=(SS,AR).

[0047] SS—the set of all reachable security states during the attack on th...

specific Embodiment approach 2

[0110] A complete fault tree consists of top events, bottom events, intermediate events and logic gates.

[0111] 1) Top event: In the fault tree analysis, the least expected fault state of the system is taken as the target of logical analysis, that is, the top event. The top event is located at the top of the fault tree, also known as the result event, which is the final state that the system can achieve due to various possible faults. There can only be one top event in a fault tree.

[0112] 2) Bottom event: also called the cause event, it is the input event of the logic gate and is located at the bottom of the fault tree. The bottom event is the cause of the top event.

[0113] 3) Intermediate event: The resulting event located between the top event and the bottom event is an intermediate event.

[0114] 4) Logic gate: used to connect components between events.

[0115] A simple fault tree and its symbolic representation as Figure 3-1 .

[0116] T represents the top ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a distributed storage security analysis method, and belongs to the technical field of computer network information security. The method comprises the steps of 1, pre-defining asecurity assessment strategy; 2, finding out a basic event set of the corresponding safety fault tree; 3, taking the pre-analyzed related safety quality as a top event, finding out various direct factors and intermediate events causing the event, comparing the attributes of various weaknesses, screening out a corresponding weakness set, and establishing a safety fault tree; and 4, analyzing the safety fault tree obtained in the step 3, analyzing the failure rate of the whole system, and solving the probability and frequency of occurrence of the top event. According to the method, the weak point association utilization relationship between the security attributes is visually described, and the comprehensive security situation of distributed storage can be reflected from qualitative and quantitative aspects by analyzing the fault tree.

Description

technical field [0001] The invention relates to a storage security analysis method, which belongs to the technical field of computer network information security. Background technique [0002] At present, with the increasing development of network technology and the increasing variety of business types in different fields, the demand for data storage systems and methods for security information interaction is increasing. Therefore, security data storage systems and methods have become more and more popular. more important. [0003] Vulnerability Scanning is the process of using some software or hardware tools to identify the weaknesses of a computer system in a network in order to determine if and where a system can be attacked and / or threatened. Vulnerability scanning finds security flaws based on a database of known flaws, tests systems where those flaws occur and produces a report of findings that an individual or an enterprise can use to strengthen network security. ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06H04L29/08
CPCH04L63/1433H04L63/20H04L67/1097
Inventor 辛毅董剑张涛
Owner HARBIN INST OF TECH