CN109344649A - The interaction cost of typing resource drives method for security protection - Google Patents

The interaction cost of typing resource drives method for security protection Download PDF

Info

Publication number
CN109344649A
CN109344649A CN201811111385.3A CN201811111385A CN109344649A CN 109344649 A CN109344649 A CN 109344649A CN 201811111385 A CN201811111385 A CN 201811111385A CN 109344649 A CN109344649 A CN 109344649A
Authority
CN
China
Prior art keywords
dik
cost
resource
typing
tran
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201811111385.3A
Other languages
Chinese (zh)
Other versions
CN109344649B (en
Inventor
段玉聪
张欣悦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hainan University
Original Assignee
Hainan University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hainan University filed Critical Hainan University
Priority to CN201811111385.3A priority Critical patent/CN109344649B/en
Publication of CN109344649A publication Critical patent/CN109344649A/en
Application granted granted Critical
Publication of CN109344649B publication Critical patent/CN109344649B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The present invention is the interaction cost driving method for security protection of typing resource;The present invention is based on data maps; three layers of Information Atlas and knowledge mapping can automatically abstracting adjustment knowledge mapping framework; secure resources are divided into data safety resource; information security resource and knowledge security resource; and it protects cost and attacker to attack cost protection of resources cost, Protector and calculates; it is divided into three kinds of distinct interaction situations; and it is directed to these three different dynamic interaction situations; change static resource by additions and deletions under explicit and implicit secure resources situation to look into; it is destroyed dynamic resource not, the invention belongs to distributed computings and soft project crossing domain.

Description

The interaction cost of typing resource drives method for security protection
Technical field
The present invention is the interaction cost driving method for security protection of typing resource, belongs to distributed computing and soft project Crossing domain.
Background technique
The collection and use of secure resources can generate value, however management is but not yet received in the protection of information security.Resource Maintenance must assure that in the case of resource not will receive without permission to the use of resource, distort, loses, destroy and other situations Occur.Existing demand for security modeling method does not distinguish the type of resource, and various secure resources are interweaved together, are difficult Effectively support data Layer, the inquiry on Information Level and stratum of intellectual is abstracted, addition, and deletion and modification are looked into accordingly in systems It askes, is abstracted, the increase and deletion of secure resources can not be effectively performed.Current method for security protection can not directly be found These information security resources, in fact can be by analysis information (direct information and indirect information) secure resources and logical The modes such as analysis information combination related data or knowledge security resource are crossed to obtain.Therefore, existing method is provided to can directly search To the protection of information security still cannot fundamentally solve secure user data protection problem.
The present invention is the interaction cost driving method for security protection of typing resource;The present invention is based on data map, information Three layers of map and knowledge mapping can automatically abstracting adjustment knowledge mapping framework, secure resources are divided into data safety resource, are believed Secure resources and knowledge security resource are ceased, and protects cost and attacker to attack cost protection of resources cost, Protector and carries out It calculates, is divided into three kinds of distinct interaction situations, and be directed to these three different dynamic interaction situations, in explicit and implicit secure resources Change static resource by additions and deletions under situation to look into, is destroyed dynamic resource not.
Summary of the invention
Technical problem: existing demand for security modeling method does not have Distinguish resource, and various secure resources are interweaved Together, it is difficult effectively to support data Layer, the inquiry on Information Level and stratum of intellectual, is abstracted, addition is deleted and modified, therefore phase The inquiry answered is abstracted, and the increase and deletion of secure resources can not be effectively performed.
Technical solution: method of the invention is a kind of tactic method, the present invention is based on three layers can automatically abstracting adjustment Secure resources are classified as data safety resource, information security resource and knowledge security resource by knowledge mapping framework;Calculate target The storage and conversion total cost of secure resources, by the expected cost of the protection of Protector and the expected cost of the attack of attacker and storage It is compared with the total cost of conversion, obtains total cost and be less than, be equal to, being greater than and attack expected three kinds of interaction situations of cost, protecting Protection path of the lower selection of the expected investment driving of the protection of shield person to targeted security resource.
Architecture
The present invention is based on data map, Information Atlas and knowledge mapping frameworks to be classified as data safety resource for secure resources, letter Cease secure resources and knowledge security resource;When protecting secure resources, the present invention proposes to calculate protection based on dynamic interaction The cost of person and attacker, and it is stored in safe space after converting according to cost driving to secure resources, in safe space, Secure resources will not be used, and be distorted, and lost and destroyed;Data map is given below, Information Atlas, knowledge mapping is safe, Typing resource, typing secure resources, explicit information secure resources, implicit information secure resources, the definition of safe space;
Data map (DGDIK): DGDIK: = collection {array, list, stack, queue, tree, graph}
DGDIKIt is that various data structures include array (array), chained list (list), stack (stack), queue (queue), set (tree) and the set (collection) of figure (graph) etc..Data map can recorde the basic structure of entity, in addition, number The frequency of time and Space expanding can also be recorded according to map;
Information Atlas (IGDIK): IGDIK:=compositiontime{DDIK};
IGDIKContain time relationship possessed by the data safety resource under special scenes;IGDIKIt is indicated in the form of digraph Interactive relation and conversion between information security resource;IGDIKIt can recorde the interaction between entity, this interactive relation includes Direct interactive relation and indirect interaction relationship;
Knowledge mapping (KGDIK): KGDIK:=collectionconsistent{RulesStatistic OR Logical}category
KGDIKIt is the experience by being gone out with empirical statistics to express, the experience of these empirical statistics is with potential fundamental What classification indicated;
Safety (SE): secure resources refer to frequency of use height, have public characteristic, that is, have the resource of extensive influence power;Protection safety Resource refers to that protection frequency of use is high, has public characteristic, that is, influences extensive resource, is destroyed static security resource not, Dynamic security resource correctly executes;After traversing all types resource, the full resource distribution based on acquisition acquires resource It influences, the influence power of resource is bigger, illustrates that this resource is public, typing secure resources;Influence power (the F of resourceSR) Formula is as follows:
(1)
Wherein, f(TRDIK, t) and indicate frequency of use function, function learning usage type resource TRDIKWith time when using The relationship of t obtains the frequency of use and expected frequency of use of targeted security resource, g(Atr, Op) it is that public characteristic calculates function, Similarity between the attribute Atr and operation Op of analysis type resource entity, judges public between target type resource Feature;
Typing resource (TRDIK): TRDIK:=< DDIK, IDIK, KDIK>。
DDIKRepresent writing a Chinese character in simplified form for data, IDIKRepresentative information is write a Chinese character in simplified form, KDIKRepresent writing a Chinese character in simplified form for knowledge.DDIKIt is not specific Stakeholder or machine are specified.DDIKThe object observed directly is expressed as to the general sense only comprising its necessity mark. IDIKRepresent the D that the mankind directly or indirectly observe or interactDIKOr IDIK。KDIKRepresent abstract DDIK, IDIKAnd KDIK, this A little DDIK, IDIKAnd KDIKIt is to be carried out as a whole with limited or unlimited complete manner.Utilize KDIKCome reasoning and prediction Unknown resources are not observed, but in DDIK, IDIKAnd KDIKThe relationship that aspect has occurred for a certainty.
Fig. 1 show the state diagram between typing resource;Tran:=< TranD-D, TranD-I, TranI-D, TranI-I, TranI-K, TranK-I, TranK-K>
TranD-DFor DDIKIt is converted to DDIKSituation: for example know DDIK1" Xiao Li " and DDIK2" students' dining hall " can speculate Xiao Li's identity DDIKIt is student;TranI-IFor IDIKIt is converted to IDIKSituation: for example learn " the daily 7:00 of Mr. Wang on time from Family sets out, 8:00 reaching on the time lawyer's office " IDIK, " Mr. Wang works in lawyer's office " can be deduced IDIK;TranD-IFor DDIKIt is converted to IDIKSituation: for example learn king classmate clap a photo on have DDIK" September 1 day 11: 00 ", " coconut palm woods ", " N20 ° 02 ' 45.97 of north latitude " E110 ° 11 ' 38.39 of east longitude ", can speculate that " king classmate September 11:00 on the 1st exists The I at Haikou "DIK;TranI-DFor IDIKIt is converted to DDIKSituation: for example this is carved with a robot, does not have any face and knows Other function will allow it is judged that the D of 100 people in frontDIK" gender " convenes and carries out running training, root on this 100 people to playground According to IDIK" 800 meters of tracks " and " running 800 meters of length of time ", in the D that can measure 100 people to a certain degreeDIK" gender "; TranK-KFor KDIKIt is converted to KDIKSituation: for example according to KDIK" under normal conditions, women figure is smaller than male, but the two intestines Road is equally long " K can be pushed away to obtainDIK" women is more also easy to produce satiety ";TranI-KFor IDIKIt is converted to KDIKSituation: for example this When have IDIK" the clock heartbeat of male's average minute is 80 times " and " the clock heartbeat of women average minute is 72 times ", can push away to obtain knowledge Regular KDIK" women heartbeat is slower than male heartbeat ";TranK-IFor KDIKIt is converted to IDIKSituation: for example predict rabbit Motion profile IDIK, it enters from A, by B, is now to predict next it runs toward C or D, at this time on C door Hang a carrot, there is nothing on D door, according to the K of " rabbit love eats carrot "DIK, push away rabbit will run toward C;
To the conversion process of typing resource as shown in algorithm 1;
Typing secure resources (SRDIK): SRDIK:=< SRType, SRScale >
SRType:={SDDIK, SIDIK, SKDIK, wherein SDDIKRepresent data safety resource, SIDIKRepresentative information secure resources, SKDIKRepresent knowledge security resource;SRScaleRepresent the specification of each type resource;SIDIKIt indicates between secure entity Interactive relation and cooperation relation;By carrying out classification pumping to intersection record relevant to secure entity dynamic behaviour or behavior record As obtaining SK in the form of statistical rulesDIK;SK is inferred to from known resourceDIK, and (if tested, adjusted by technology appropriate Look into) necessary SI is collected in reasoning processDIK.From SIDIKTo SDDIKConversion, both can be used as from being related to the general of entity Thought process can also be used as one kind and be abstracted, will include SIDIKCoherent element be selectively mapped to SDDIKObject element knot Element in structure.SD is obtained by observing the object of a static specific timeDIK;SKDIKElement or class with them Bottom fine granularity example (such as sub- attribute or sub-operation) in not is associated, or is connected by purely logical reason or mathematical computations It connects;From SKDIKTo SIDIKAnd SDDIKTop-down influence be by time creatively by SKDIKContent resolution be SIDIKAnd SDDIKIt realizes;
Explicit and implicit secure resources: further by data, the targeted security resource of information and knowledge is according to it in search space In presence be classified as explicit and implicit situation;Definition is as shown in table 1:
Table 1 is explicit and implicit type secure resources define table
Explicit implicit recognizer Ver=(Get of typing secure resourcesp, RLSRDIK), it include two algorithms, specific as follows:
(1) Getp(SRDIKi, DGDIK·IGDIK·KGDIK) → p=0 | p=1: implicit explicit discriminant function Getp, in input target peace Wholly-owned source SRDIKiAfterwards, in DGDIK, IGDIK, KGDIKOn successively traverse, arrived if can directly search, return p=0, if cannot directly search Rope arrives, and returns to p=1;
(2) RLSRDIK(p=1, SRDIKi, SRDIKj) → t [SRDIKj, c]: secure resources relation function RLSRDIK, in GetpFunction is true Determine secure resources not and be it is explicit, i.e., behind p=1, again in DGDIK, IGDIK, KGDIKOn successively traverse, search targeted security money Source SRDIKi, SR is recorded with an array tDIKiWith other secure resources SRDIKjBetween interactive relation, c recording interactive frequency, lead to Cross the record of t, the searching route of available implicit secure resources;
Protection sequence (SequenceP): SequenceP=(INF, Find, CountTran, CountCom, Compare), it include five Algorithm, specific as follows:
(1) INF(SRType) → M [INFSR1, INFSR2…INFSRn]: influence power calculates function INF, different types of inputting Secure resources SRTypeAfterwards, the influence power size of each node is calculated, and will affect power calculated result INFSRnBy from big to small Sequence be stored in array M;Influence power (INFSRn) calculate as shown in Equation, wherein deg+Represent the out-degree of node, deg-It represents The in-degree of node:
(2)
(2) Find(M) → XGDIKni: path function Find is found after obtaining array M by INF function, successively in M INFSRnPath searching is carried out, the number of passes searched out is i, and each path is stored in XGDIKniArray, XGDIKRepresent DGDIK, IGDIK And KGDIKIn any one map on typing resource;Such as shown in Fig. 3, there is one on Information Atlas= (ABCDEFG), the node influence power of C is maximum, and there is IG in the path for obtaining CDIKOn (ABC) and (ABFGC) two, and It can also be according to DGDIKOn=(abcdef) is obtained, and then i is 3, and three paths are stored in array IG respectivelyDIKn1, IGDIKn2And DGDIKn3
(3) CountTran(M, XGDIKni) → CostTrans: switching cost calculates function CountTransIt is obtained according to INF function The XG that array M and Find function obtainsDIKni, the switching cost of typing resource is calculated, switching cost is obtained CostTrans;The calculating of CostTrans is as shown in formula (3):
(3)
Wherein, SUnitCostSRTypei-SRTypejIt is the atom cost of typing resource conversion, it is specific as shown in table 2;It is arrived according to M XGDIKniConversion quantity i total switching cost is calculated;
(4) CountCom(M) → CostCom: protection cost calculates function CountCom by the cost and search cost of destruction node Composition calculates as shown in formula:
(4)
Wherein, PerdesIt is the unit cost destroyed, PerSeIt is the unit cost of search;
The atom cost of the typing resource of table 2. conversion
(5) Compare(CostA, CostTrans, CostCom, CostP) → Finalni: interaction cost driving function Compare exists Input CostTransAnd CostComAfterwards, the total cost Cost of typing resource is calculatedTot, CostTot=CostTrans+CostCom; After compare CostTotWith the expected attack cost Cost of attackerAIt is compared, there is following three kinds of situations:
Situation 1: work as CostTot>CostA, and the expected investment Cost of userP<CostTotWhen, selection is protected next in M A typing resource;Work as CostP≥CostTotWhen, take CostTotThe smallest conversion plan;
Situation 2: work as CostTot<CostAWhen, other conversion plans are chosen, until there is the case where Situation1;
Situation 3: work as CostTot=CostAWhen, other conversion plans are chosen, until there is the case where Situation1;
The utility model has the advantages that
The method of the present invention propose typing resource interaction cost driving method for security protection method, this method and have such as Lower advantage:
1) secure resources are divided into data safety money on data map, Information Atlas and knowledge mapping three-tier architecture by the present invention Source, information security resource and knowledge security resource change static security resource by additions and deletions and look into, and dynamic security resource is not broken It is bad;
2) present invention calculates the storage and conversion total cost of targeted security resource, by the expected cost of the protection of Protector and attacker The expected cost of attack and the total cost of storage and conversion compare, obtain total cost and be less than, be equal to, being greater than attack and be expected generation Three kinds of interaction situations of valence, Protection path of the selection to targeted security resource under the expected investment driving of protection of Protector.
Detailed description of the invention
Fig. 1 is the state diagram of typing resource conversion in the dynamic interaction cost driving towards typing resource;
Fig. 2 is a specific embodiment of typing resource conversion in the dynamic interaction cost driving towards typing resource;
Fig. 3 is the specific flow chart of the interaction cost driving method for security protection of typing resource.
Specific embodiment
The detailed process of the interaction cost driving method for security protection of typing resource is as follows:
Shown in 001 in step 1) corresponding diagram 3, ownership goal security type resource is inputted, constructing three layers can automatically abstracting Data map, Information Atlas and knowledge mapping framework;
Shown in 002 in step 2 corresponding diagram 3, the influence power of typing resource is calculated;
INF(SRType) → M [INFSR1, INFSR2…INFSRn]: influence power calculates function INF, is inputting different types of safety Resource SRTypeAfterwards, the influence power size of each node is calculated, and will affect power calculated result INFSRnIt is suitable by from big to small Sequence is stored in array M;Influence power (INFSRn) calculate as shown in Equation, wherein deg+Represent the out-degree of node, deg-Represent node In-degree:
(2)
Shown in 003 in step 3) corresponding diagram 3, the transduction pathway of typing resource is found;
Find(M) → XGDIKni: path function Find is found after obtaining array M by INF function, successively to the INF in MSRn Path searching is carried out, the number of passes searched out is i, and each path is stored in XGDIKniArray, XGDIKRepresent DGDIK, IGDIKWith KGDIKIn any one map on typing resource;
Such as shown in Fig. 3, there is one on Information AtlasThe node influence power of=(ABCDEFG), C are maximum, and obtain C Path have IGDIKOn (ABC) and (ABFGC) two, and can also be according to DGDIKOn=(abcdef) is obtained, Then i is 3, and three paths are stored in array IG respectivelyDIKn1, IGDIKn2And DGDIKn3
Shown in 004 in step 4) corresponding diagram 3, the cost of typing resource conversion is calculated;
CountTran(M, XGDIKni) → CostTrans: switching cost calculates function CountTransThe array obtained according to INF function The XG that M and Find function obtainsDIKni, the switching cost of typing resource is calculated, switching cost Cost is obtainedTrans; The calculating of CostTrans is as shown in formula (3):
(3)
Wherein, SUnitCostSRTypei-SRTypejIt is the atom cost of typing resource conversion, it is specific as shown in table 2;It is arrived according to M XGDIKniConversion quantity i total switching cost is calculated;
Shown in 005 in step 5) corresponding diagram 3, the cost of typing Resource Calculation is calculated;
CountCom(M) → CostCom: protection cost calculates function CountCom by the cost and search cost group of destruction node At calculating is as shown in formula:
(4)
Wherein, PerdesIt is the unit cost destroyed, PerSeIt is the unit cost of search;
The atom cost of the typing resource of table 2. conversion
Shown in 006 in step 6) corresponding diagram 3, the safeguard protection of dynamic interaction cost driving is carried out;Compare(CostA, CostTrans, CostCom, CostP) → Finalni: interaction cost driving function Compare is in input CostTransAnd CostCom Afterwards, the total cost Cost of typing resource is calculatedTot, CostTot=CostTrans+CostCom;After compare CostTotWith attacker It is expected that attack cost CostAIt is compared, there is following three kinds of situations:
Situation 1: work as CostTot>CostA, and the expected investment Cost of userP<CostTotWhen, selection is protected next in M A typing resource;Work as CostP≥CostTotWhen, take CostTotThe smallest conversion plan;
Situation 2: work as CostTot<CostAWhen, other conversion plans are chosen, until there is the case where Situation1;
Situation 3: work as CostTot=CostAWhen, other conversion plans are chosen, until there is the case where Situation1.

Claims (11)

1. the interaction cost driving method for security protection that the present invention is typing resource;The present invention is based on data map, hum patterns Spectrum and three layers of knowledge mapping can automatically abstracting adjustment knowledge mapping framework, secure resources are divided into data safety resource, information Secure resources and knowledge security resource, and protect cost and attacker to attack cost protection of resources cost, Protector and count It calculates, is divided into three kinds of distinct interaction situations, and be directed to these three different dynamic interaction situations, in explicit and implicit secure resources feelings Change static resource by additions and deletions under shape to look into, is destroyed dynamic resource not;
Data map (DGDIK): DGDIK: = collection {array, list, stack, queue, tree, graph}
DGDIKIt is that various data structures include array (array), chained list (list), stack (stack), queue (queue), set (tree) and the set (collection) of figure (graph) etc..
2. data map can recorde the basic structure of entity, in addition, data map can also record time and space topological knot The frequency of structure;
Information Atlas (IGDIK): IGDIK:=compositiontime{DDIK};
IGDIKContain time relationship possessed by the data safety resource under special scenes;IGDIKIt is indicated in the form of digraph Interactive relation and conversion between information security resource;IGDIKIt can recorde the interaction between entity, this interactive relation includes Direct interactive relation and indirect interaction relationship;
Knowledge mapping (KGDIK): KGDIK:=collectionconsistent{RulesStatistic OR Logical}category
KGDIKIt is the experience by being gone out with empirical statistics to express, the experience of these empirical statistics is with potential fundamental What classification indicated;
Typing resource (TRDIK): TRDIK:=< DDIK, IDIK, KDIK>。
3.DDIKRepresent writing a Chinese character in simplified form for data, IDIKRepresentative information is write a Chinese character in simplified form, KDIKRepresent writing a Chinese character in simplified form for knowledge.
4.DDIKDo not specified by specific stakeholder or machine.
5.DDIKThe object observed directly is expressed as to the general sense only comprising its necessity mark.
6.IDIKRepresent the D that the mankind directly or indirectly observe or interactDIKOr IDIK
7.KDIKRepresent abstract DDIK, IDIKAnd KDIK, these DDIK, IDIKAnd KDIKIt is as a whole with limited or unlimited What complete manner carried out.
8. utilizing KDIKCome reasoning and prediction unknown resources or do not observe, but in DDIK, IDIKAnd KDIKAspect occurs for a certainty Relationship.
9. typing resource converts (Tran): Tran:=< TranD-D, TranD-I, TranI-D, TranI-I, TranI-K, TranK-I, TranK-K>
TranD-DFor DDIKIt is converted to DDIKSituation: for example know DDIK1" Xiao Li " and DDIK2" students' dining hall " can speculate small Lee's identity DDIKIt is student;TranI-IFor IDIKIt is converted to IDIKSituation: for example learn that " the daily 7:00 of Mr. Wang is on time from family In set out, 8:00 reaching on the time lawyer's office " IDIK, the I of " Mr. Wang works in lawyer's office " can be deducedDIK; TranD-IFor DDIKIt is converted to IDIKSituation: for example learn king classmate clap a photo on have DDIK" September 11:00 on the 1st ", " coconut palm woods ", " N20 ° 02 ' 45.97 of north latitude " E110 ° 11 ' 38.39 of east longitude ", can speculate " king classmate September 11:00 on the 1st is at Haikou " IDIK;TranI-DFor IDIKIt is converted to DDIKSituation: for example this is carved with a robot, does not have any recognition of face Function will allow it is judged that the D of 100 people in frontDIK" gender " convenes and carries out running training on this 100 people to playground, according to IDIK " 800 meters of tracks " and " running 800 meters of length of time ", in the D that can measure 100 people to a certain degreeDIK" gender ";TranK-K For KDIKIt is converted to KDIKSituation: for example according to KDIK" under normal conditions, women figure is smaller than male, but the two enteron aisle is the same It is long " K can be pushed away to obtainDIK" women is more also easy to produce satiety ";TranI-KFor IDIKIt is converted to KDIKSituation: for example have I at this timeDIK " the clock heartbeat of male's average minute is 80 times " and " the clock heartbeat of women average minute is 72 times ", can push away to obtain knowledge rule KDIK " women heartbeat is slower than male heartbeat ";TranK-IFor KDIKIt is converted to IDIKSituation: for example predict a rabbit movement rail Mark IDIK, it enters from A, by B, be now to predict it next toward C still D run, hang one on C at this time Root carrot, there is nothing on D door, according to the K of " rabbit love eats carrot "DIK, push away rabbit will run toward C;
To the conversion process of typing resource as shown in algorithm 1;
Safety (SE): secure resources refer to frequency of use height, have public characteristic, that is, have the resource of extensive influence power;Protection safety Resource refers to that protection frequency of use is high, has public characteristic, that is, influences extensive resource, is destroyed static security resource not, Dynamic security resource correctly executes;After traversing all types resource, the full resource distribution based on acquisition acquires resource It influences, the influence power of resource is bigger, illustrates that this resource is public, typing secure resources;Influence power (the F of resourceSR) Formula is as follows:
(1)
Wherein, f(TRDIK, t) and indicate frequency of use function, function learning usage type resource TRDIKWith time when using The relationship of t obtains the frequency of use and expected frequency of use of targeted security resource, g(Atr, Op) it is that public characteristic calculates function, Similarity between the attribute Atr and operation Op of analysis type resource entity, judges public between target type resource Feature;
Typing secure resources (SRDIK): SRDIK:=< SRType, SRScale >
SRType:={SDDIK, SIDIK, SKDIK, wherein SDDIKRepresent data safety resource, SIDIKRepresentative information secure resources, SKDIKRepresent knowledge security resource;SRScaleRepresent the specification of each type resource;SIDIKIt indicates between secure entity Interactive relation and cooperation relation;By carrying out classification pumping to intersection record relevant to secure entity dynamic behaviour or behavior record As obtaining SK in the form of statistical rulesDIK;SK is inferred to from known resourceDIK, and (if tested, adjusted by technology appropriate Look into) necessary SI is collected in reasoning processDIK
10. from SIDIKTo SDDIKConversion, both can be used as from the generalities process for being related to entity, and can also be used as a kind of pumping As that will include SIDIKCoherent element be selectively mapped to SDDIKElement in object element structure.
11. obtaining SD by the object for observing a static specific timeDIK;SKDIKElement or in their classification Bottom fine granularity example (such as sub- attribute or sub-operation) it is associated, or pass through purely logical reason or mathematical computations connection; From SKDIKTo SIDIKAnd SDDIKTop-down influence be by time creatively by SKDIKContent resolution be SIDIKAnd SDDIKIt realizes;
The interaction cost driving method for security protection detailed process of typing resource is as follows:
Step 1) input ownership goal security type resource, construct three layers can automatically abstracting data map, Information Atlas With knowledge mapping framework;
Step 2 calculates the influence power of typing resource;INF(SRType) → M [INFSR1, INFSR2…INFSRn]: influence power calculates Function INF is inputting different types of secure resources SRTypeAfterwards, the influence power size of each node is calculated, and will affect power Calculated result INFSRnArray M is stored in by sequence from big to small;Influence power (INFSRn) calculate as shown in Equation, wherein deg+Represent the out-degree of node, deg-Represent the in-degree of node:
(2)
Step 3) finds the transduction pathway of typing resource;Find(M) → XGDIKni: it finds path function Find and is passing through INF letter After number obtains array M, successively to the INF in MSRnPath searching is carried out, the number of passes searched out is i, each path deposit XGDIKniArray, XGDIKRepresent DGDIK, IGDIKAnd KGDIKIn any one map on typing resource;Such as in hum pattern There is one in spectrumThe node influence power of=(ABCDEFG), C are maximum, and there is IG in the path for obtaining CDIKOn (ABC) and (ABFGC) two, and can also be according to DGDIKOn=(abcdef) is obtained, and then i is 3, and three paths are divided It Cun Ru not array IGDIKn1, IGDIKn2And DGDIKn3
Step 4) calculates the cost of typing resource conversion;CountTran(M, XGDIKni) → CostTrans: switching cost calculates letter Number CountTransThe XG that array M and the Find function obtained according to INF function obtainsDIKni, to the switching cost of typing resource It is calculated, obtains switching cost CostTrans;The calculating of CostTrans is as shown in formula (3):
(3)
Wherein, SUnitCostSRTypei-SRTypejIt is the atom cost of typing resource conversion, it is specific as shown in table 2;It is arrived according to M XGDIKniConversion quantity i total switching cost is calculated;
Step 5) calculates the cost of typing Resource Calculation;CountCom(M) → CostCom: protection cost calculates function CountCom is made of the cost and search cost of destruction node, is calculated as shown in formula:
(4)
Wherein, PerdesIt is the unit cost destroyed, PerSeIt is the unit cost of search;
The atom cost of the typing resource of table 2. conversion
The safeguard protection of step 6) progress dynamic interaction cost driving;Compare(CostA, CostTrans, CostCom, CostP) → Finalni: interaction cost driving function Compare is in input CostTransAnd CostComAfterwards, typing resource total generation is calculated Valence CostTot, CostTot=CostTrans+CostCom;After compare CostTotWith the expected attack cost Cost of attackerAIt is compared, There are following three kinds of situations:
Situation 1: work as CostTot>CostA, and the expected investment Cost of userP<CostTotWhen, selection is protected next in M A typing resource;Work as CostP≥CostTotWhen, take CostTotThe smallest conversion plan;
Situation 2: work as CostTot<CostAWhen, other conversion plans are chosen, until there is the case where Situation1;
Situation 3: work as CostTot=CostAWhen, other conversion plans are chosen, until there is the case where Situation1.
CN201811111385.3A 2018-09-23 2018-09-23 Interactive cost driving safety protection method of typed resources Active CN109344649B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811111385.3A CN109344649B (en) 2018-09-23 2018-09-23 Interactive cost driving safety protection method of typed resources

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811111385.3A CN109344649B (en) 2018-09-23 2018-09-23 Interactive cost driving safety protection method of typed resources

Publications (2)

Publication Number Publication Date
CN109344649A true CN109344649A (en) 2019-02-15
CN109344649B CN109344649B (en) 2020-07-07

Family

ID=65306543

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811111385.3A Active CN109344649B (en) 2018-09-23 2018-09-23 Interactive cost driving safety protection method of typed resources

Country Status (1)

Country Link
CN (1) CN109344649B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101415595A (en) * 2006-02-15 2009-04-22 通用电气公司 Method and system for wireless locomotive remote control using implicit message sequence numbering
CN107066634A (en) * 2017-06-25 2017-08-18 海南大学 A kind of resource storage efficiency optimization method for the data-oriented collection of illustrative plates, Information Atlas and knowledge mapping for putting into driving
CN107229878A (en) * 2017-06-28 2017-10-03 海南大学 A kind of resource security protection method based on data collection of illustrative plates, Information Atlas and knowledge mapping for putting into the security definable determined
US20180048661A1 (en) * 2016-08-15 2018-02-15 International Business Machines Corporation Cognitive offense analysis using contextual data and knowledge graphs
CN108429748A (en) * 2018-03-09 2018-08-21 海南大学 Put into the Internet of Things resource security protection method of driving

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101415595A (en) * 2006-02-15 2009-04-22 通用电气公司 Method and system for wireless locomotive remote control using implicit message sequence numbering
US20180048661A1 (en) * 2016-08-15 2018-02-15 International Business Machines Corporation Cognitive offense analysis using contextual data and knowledge graphs
CN107066634A (en) * 2017-06-25 2017-08-18 海南大学 A kind of resource storage efficiency optimization method for the data-oriented collection of illustrative plates, Information Atlas and knowledge mapping for putting into driving
CN107229878A (en) * 2017-06-28 2017-10-03 海南大学 A kind of resource security protection method based on data collection of illustrative plates, Information Atlas and knowledge mapping for putting into the security definable determined
CN108429748A (en) * 2018-03-09 2018-08-21 海南大学 Put into the Internet of Things resource security protection method of driving

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
DENG ZHAO 等: "An Energy-Aware Service Composition Mechanism in Service-Oriented Wireless Sensor Networks", 《2017 IEEE INTERNATIONAL CONGRESS ON INTERNET OF THINGS (ICIOT)》 *
惠赟: "组织隐性知识共享的管理机制研究", 《中国博士学位论文全文数据库 经济与管理科学辑》 *

Also Published As

Publication number Publication date
CN109344649B (en) 2020-07-07

Similar Documents

Publication Publication Date Title
Hu et al. Understanding the topic evolution of scientific literatures like an evolving city: Using Google Word2Vec model and spatial autocorrelation analysis
Weisheimer et al. Addressing model error through atmospheric stochastic physical parametrizations: Impact on the coupled ECMWF seasonal forecasting system
Evans et al. Using statistical physics to understand relational space: a case study from Mediterranean prehistory
Pham et al. Towards integrating real-world spatiotemporal data with social networks
Hegelich Deep learning and punctuated equilibrium theory
Knox et al. The Routledge Companion to Philosophy of Physics
Hu et al. Essence Computation Oriented Multi-semantic Analysis Crossing Multi-modal DIKW Graphs
Nasution et al. Entrepreneurship intention prediction using decision tree and support vector machine
Li et al. TeAST: Temporal Knowledge Graph Embedding via Archimedean Spiral Timeline
Yuan et al. A typology of spatiotemporal information queries
CN109344649A (en) The interaction cost of typing resource drives method for security protection
Matisziw et al. Measuring spatial correspondence among network paths
Liu The diffusion of scientific ideas in time and indicators for the description of this process
Shen et al. Exploring the construction and application of spatial scene knowledge graphs considering topological relations
Kim et al. Construction of disaster knowledge graphs to enhance disaster resilience
Yan et al. Multilevel Robustness for 2D Vector Field Feature Tracking, Selection and Comparison
Li et al. The analysis of research hot spot and trend on artificial intelligence in education
Xu et al. Understanding human mobility: A multi-modal and intelligent moving objects database
Lam Abrupt climate changes and tipping points: Epistemic and methodological issues
Andriani Application of C4. 5 algorithm for detection of cooperatives failure in province level
Liu et al. Secure data publishing of private trajectory in edge computing of iot
Yang Clustering analyzing of undergraduate schools based on k-means algorithm
Volchenkov Assessing Complexity of Urban Spatial Networks
Zhang et al. Transfer learning for urban computing: A case study for optimal retail store placement
CN109063214B (en) The resource hiding method that the typing data and its figure of value driving indicate

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant