CN109344649A - The interaction cost of typing resource drives method for security protection - Google Patents
The interaction cost of typing resource drives method for security protection Download PDFInfo
- Publication number
- CN109344649A CN109344649A CN201811111385.3A CN201811111385A CN109344649A CN 109344649 A CN109344649 A CN 109344649A CN 201811111385 A CN201811111385 A CN 201811111385A CN 109344649 A CN109344649 A CN 109344649A
- Authority
- CN
- China
- Prior art keywords
- dik
- cost
- resource
- typing
- tran
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The present invention is the interaction cost driving method for security protection of typing resource;The present invention is based on data maps; three layers of Information Atlas and knowledge mapping can automatically abstracting adjustment knowledge mapping framework; secure resources are divided into data safety resource; information security resource and knowledge security resource; and it protects cost and attacker to attack cost protection of resources cost, Protector and calculates; it is divided into three kinds of distinct interaction situations; and it is directed to these three different dynamic interaction situations; change static resource by additions and deletions under explicit and implicit secure resources situation to look into; it is destroyed dynamic resource not, the invention belongs to distributed computings and soft project crossing domain.
Description
Technical field
The present invention is the interaction cost driving method for security protection of typing resource, belongs to distributed computing and soft project
Crossing domain.
Background technique
The collection and use of secure resources can generate value, however management is but not yet received in the protection of information security.Resource
Maintenance must assure that in the case of resource not will receive without permission to the use of resource, distort, loses, destroy and other situations
Occur.Existing demand for security modeling method does not distinguish the type of resource, and various secure resources are interweaved together, are difficult
Effectively support data Layer, the inquiry on Information Level and stratum of intellectual is abstracted, addition, and deletion and modification are looked into accordingly in systems
It askes, is abstracted, the increase and deletion of secure resources can not be effectively performed.Current method for security protection can not directly be found
These information security resources, in fact can be by analysis information (direct information and indirect information) secure resources and logical
The modes such as analysis information combination related data or knowledge security resource are crossed to obtain.Therefore, existing method is provided to can directly search
To the protection of information security still cannot fundamentally solve secure user data protection problem.
The present invention is the interaction cost driving method for security protection of typing resource;The present invention is based on data map, information
Three layers of map and knowledge mapping can automatically abstracting adjustment knowledge mapping framework, secure resources are divided into data safety resource, are believed
Secure resources and knowledge security resource are ceased, and protects cost and attacker to attack cost protection of resources cost, Protector and carries out
It calculates, is divided into three kinds of distinct interaction situations, and be directed to these three different dynamic interaction situations, in explicit and implicit secure resources
Change static resource by additions and deletions under situation to look into, is destroyed dynamic resource not.
Summary of the invention
Technical problem: existing demand for security modeling method does not have Distinguish resource, and various secure resources are interweaved
Together, it is difficult effectively to support data Layer, the inquiry on Information Level and stratum of intellectual, is abstracted, addition is deleted and modified, therefore phase
The inquiry answered is abstracted, and the increase and deletion of secure resources can not be effectively performed.
Technical solution: method of the invention is a kind of tactic method, the present invention is based on three layers can automatically abstracting adjustment
Secure resources are classified as data safety resource, information security resource and knowledge security resource by knowledge mapping framework;Calculate target
The storage and conversion total cost of secure resources, by the expected cost of the protection of Protector and the expected cost of the attack of attacker and storage
It is compared with the total cost of conversion, obtains total cost and be less than, be equal to, being greater than and attack expected three kinds of interaction situations of cost, protecting
Protection path of the lower selection of the expected investment driving of the protection of shield person to targeted security resource.
Architecture
The present invention is based on data map, Information Atlas and knowledge mapping frameworks to be classified as data safety resource for secure resources, letter
Cease secure resources and knowledge security resource;When protecting secure resources, the present invention proposes to calculate protection based on dynamic interaction
The cost of person and attacker, and it is stored in safe space after converting according to cost driving to secure resources, in safe space,
Secure resources will not be used, and be distorted, and lost and destroyed;Data map is given below, Information Atlas, knowledge mapping is safe,
Typing resource, typing secure resources, explicit information secure resources, implicit information secure resources, the definition of safe space;
Data map (DGDIK): DGDIK: = collection {array, list, stack, queue, tree,
graph}
DGDIKIt is that various data structures include array (array), chained list (list), stack (stack), queue (queue), set
(tree) and the set (collection) of figure (graph) etc..Data map can recorde the basic structure of entity, in addition, number
The frequency of time and Space expanding can also be recorded according to map;
Information Atlas (IGDIK): IGDIK:=compositiontime{DDIK};
IGDIKContain time relationship possessed by the data safety resource under special scenes;IGDIKIt is indicated in the form of digraph
Interactive relation and conversion between information security resource;IGDIKIt can recorde the interaction between entity, this interactive relation includes
Direct interactive relation and indirect interaction relationship;
Knowledge mapping (KGDIK): KGDIK:=collectionconsistent{RulesStatistic OR Logical}category;
KGDIKIt is the experience by being gone out with empirical statistics to express, the experience of these empirical statistics is with potential fundamental
What classification indicated;
Safety (SE): secure resources refer to frequency of use height, have public characteristic, that is, have the resource of extensive influence power;Protection safety
Resource refers to that protection frequency of use is high, has public characteristic, that is, influences extensive resource, is destroyed static security resource not,
Dynamic security resource correctly executes;After traversing all types resource, the full resource distribution based on acquisition acquires resource
It influences, the influence power of resource is bigger, illustrates that this resource is public, typing secure resources;Influence power (the F of resourceSR)
Formula is as follows:
(1)
Wherein, f(TRDIK, t) and indicate frequency of use function, function learning usage type resource TRDIKWith time when using
The relationship of t obtains the frequency of use and expected frequency of use of targeted security resource, g(Atr, Op) it is that public characteristic calculates function,
Similarity between the attribute Atr and operation Op of analysis type resource entity, judges public between target type resource
Feature;
Typing resource (TRDIK): TRDIK:=< DDIK, IDIK, KDIK>。
DDIKRepresent writing a Chinese character in simplified form for data, IDIKRepresentative information is write a Chinese character in simplified form, KDIKRepresent writing a Chinese character in simplified form for knowledge.DDIKIt is not specific
Stakeholder or machine are specified.DDIKThe object observed directly is expressed as to the general sense only comprising its necessity mark.
IDIKRepresent the D that the mankind directly or indirectly observe or interactDIKOr IDIK。KDIKRepresent abstract DDIK, IDIKAnd KDIK, this
A little DDIK, IDIKAnd KDIKIt is to be carried out as a whole with limited or unlimited complete manner.Utilize KDIKCome reasoning and prediction
Unknown resources are not observed, but in DDIK, IDIKAnd KDIKThe relationship that aspect has occurred for a certainty.
Fig. 1 show the state diagram between typing resource;Tran:=< TranD-D, TranD-I, TranI-D, TranI-I,
TranI-K, TranK-I, TranK-K>
TranD-DFor DDIKIt is converted to DDIKSituation: for example know DDIK1" Xiao Li " and DDIK2" students' dining hall " can speculate
Xiao Li's identity DDIKIt is student;TranI-IFor IDIKIt is converted to IDIKSituation: for example learn " the daily 7:00 of Mr. Wang on time from
Family sets out, 8:00 reaching on the time lawyer's office " IDIK, " Mr. Wang works in lawyer's office " can be deduced
IDIK;TranD-IFor DDIKIt is converted to IDIKSituation: for example learn king classmate clap a photo on have DDIK" September 1 day 11:
00 ", " coconut palm woods ", " N20 ° 02 ' 45.97 of north latitude " E110 ° 11 ' 38.39 of east longitude ", can speculate that " king classmate September 11:00 on the 1st exists
The I at Haikou "DIK;TranI-DFor IDIKIt is converted to DDIKSituation: for example this is carved with a robot, does not have any face and knows
Other function will allow it is judged that the D of 100 people in frontDIK" gender " convenes and carries out running training, root on this 100 people to playground
According to IDIK" 800 meters of tracks " and " running 800 meters of length of time ", in the D that can measure 100 people to a certain degreeDIK" gender ";
TranK-KFor KDIKIt is converted to KDIKSituation: for example according to KDIK" under normal conditions, women figure is smaller than male, but the two intestines
Road is equally long " K can be pushed away to obtainDIK" women is more also easy to produce satiety ";TranI-KFor IDIKIt is converted to KDIKSituation: for example this
When have IDIK" the clock heartbeat of male's average minute is 80 times " and " the clock heartbeat of women average minute is 72 times ", can push away to obtain knowledge
Regular KDIK" women heartbeat is slower than male heartbeat ";TranK-IFor KDIKIt is converted to IDIKSituation: for example predict rabbit
Motion profile IDIK, it enters from A, by B, is now to predict next it runs toward C or D, at this time on C door
Hang a carrot, there is nothing on D door, according to the K of " rabbit love eats carrot "DIK, push away rabbit will run toward C;
To the conversion process of typing resource as shown in algorithm 1;
Typing secure resources (SRDIK): SRDIK:=< SRType, SRScale >
SRType:={SDDIK, SIDIK, SKDIK, wherein SDDIKRepresent data safety resource, SIDIKRepresentative information secure resources,
SKDIKRepresent knowledge security resource;SRScaleRepresent the specification of each type resource;SIDIKIt indicates between secure entity
Interactive relation and cooperation relation;By carrying out classification pumping to intersection record relevant to secure entity dynamic behaviour or behavior record
As obtaining SK in the form of statistical rulesDIK;SK is inferred to from known resourceDIK, and (if tested, adjusted by technology appropriate
Look into) necessary SI is collected in reasoning processDIK.From SIDIKTo SDDIKConversion, both can be used as from being related to the general of entity
Thought process can also be used as one kind and be abstracted, will include SIDIKCoherent element be selectively mapped to SDDIKObject element knot
Element in structure.SD is obtained by observing the object of a static specific timeDIK;SKDIKElement or class with them
Bottom fine granularity example (such as sub- attribute or sub-operation) in not is associated, or is connected by purely logical reason or mathematical computations
It connects;From SKDIKTo SIDIKAnd SDDIKTop-down influence be by time creatively by SKDIKContent resolution be
SIDIKAnd SDDIKIt realizes;
Explicit and implicit secure resources: further by data, the targeted security resource of information and knowledge is according to it in search space
In presence be classified as explicit and implicit situation;Definition is as shown in table 1:
Table 1 is explicit and implicit type secure resources define table
Explicit implicit recognizer Ver=(Get of typing secure resourcesp, RLSRDIK), it include two algorithms, specific as follows:
(1) Getp(SRDIKi, DGDIK·IGDIK·KGDIK) → p=0 | p=1: implicit explicit discriminant function Getp, in input target peace
Wholly-owned source SRDIKiAfterwards, in DGDIK, IGDIK, KGDIKOn successively traverse, arrived if can directly search, return p=0, if cannot directly search
Rope arrives, and returns to p=1;
(2) RLSRDIK(p=1, SRDIKi, SRDIKj) → t [SRDIKj, c]: secure resources relation function RLSRDIK, in GetpFunction is true
Determine secure resources not and be it is explicit, i.e., behind p=1, again in DGDIK, IGDIK, KGDIKOn successively traverse, search targeted security money
Source SRDIKi, SR is recorded with an array tDIKiWith other secure resources SRDIKjBetween interactive relation, c recording interactive frequency, lead to
Cross the record of t, the searching route of available implicit secure resources;
Protection sequence (SequenceP): SequenceP=(INF, Find, CountTran, CountCom, Compare), it include five
Algorithm, specific as follows:
(1) INF(SRType) → M [INFSR1, INFSR2…INFSRn]: influence power calculates function INF, different types of inputting
Secure resources SRTypeAfterwards, the influence power size of each node is calculated, and will affect power calculated result INFSRnBy from big to small
Sequence be stored in array M;Influence power (INFSRn) calculate as shown in Equation, wherein deg+Represent the out-degree of node, deg-It represents
The in-degree of node:
(2)
(2) Find(M) → XGDIKni: path function Find is found after obtaining array M by INF function, successively in M
INFSRnPath searching is carried out, the number of passes searched out is i, and each path is stored in XGDIKniArray, XGDIKRepresent DGDIK, IGDIK
And KGDIKIn any one map on typing resource;Such as shown in Fig. 3, there is one on Information Atlas=
(ABCDEFG), the node influence power of C is maximum, and there is IG in the path for obtaining CDIKOn (ABC) and (ABFGC) two, and
It can also be according to DGDIKOn=(abcdef) is obtained, and then i is 3, and three paths are stored in array IG respectivelyDIKn1,
IGDIKn2And DGDIKn3;
(3) CountTran(M, XGDIKni) → CostTrans: switching cost calculates function CountTransIt is obtained according to INF function
The XG that array M and Find function obtainsDIKni, the switching cost of typing resource is calculated, switching cost is obtained
CostTrans;The calculating of CostTrans is as shown in formula (3):
(3)
Wherein, SUnitCostSRTypei-SRTypejIt is the atom cost of typing resource conversion, it is specific as shown in table 2;It is arrived according to M
XGDIKniConversion quantity i total switching cost is calculated;
(4) CountCom(M) → CostCom: protection cost calculates function CountCom by the cost and search cost of destruction node
Composition calculates as shown in formula:
(4)
Wherein, PerdesIt is the unit cost destroyed, PerSeIt is the unit cost of search;
The atom cost of the typing resource of table 2. conversion
(5) Compare(CostA, CostTrans, CostCom, CostP) → Finalni: interaction cost driving function Compare exists
Input CostTransAnd CostComAfterwards, the total cost Cost of typing resource is calculatedTot, CostTot=CostTrans+CostCom;
After compare CostTotWith the expected attack cost Cost of attackerAIt is compared, there is following three kinds of situations:
Situation 1: work as CostTot>CostA, and the expected investment Cost of userP<CostTotWhen, selection is protected next in M
A typing resource;Work as CostP≥CostTotWhen, take CostTotThe smallest conversion plan;
Situation 2: work as CostTot<CostAWhen, other conversion plans are chosen, until there is the case where Situation1;
Situation 3: work as CostTot=CostAWhen, other conversion plans are chosen, until there is the case where Situation1;
The utility model has the advantages that
The method of the present invention propose typing resource interaction cost driving method for security protection method, this method and have such as
Lower advantage:
1) secure resources are divided into data safety money on data map, Information Atlas and knowledge mapping three-tier architecture by the present invention
Source, information security resource and knowledge security resource change static security resource by additions and deletions and look into, and dynamic security resource is not broken
It is bad;
2) present invention calculates the storage and conversion total cost of targeted security resource, by the expected cost of the protection of Protector and attacker
The expected cost of attack and the total cost of storage and conversion compare, obtain total cost and be less than, be equal to, being greater than attack and be expected generation
Three kinds of interaction situations of valence, Protection path of the selection to targeted security resource under the expected investment driving of protection of Protector.
Detailed description of the invention
Fig. 1 is the state diagram of typing resource conversion in the dynamic interaction cost driving towards typing resource;
Fig. 2 is a specific embodiment of typing resource conversion in the dynamic interaction cost driving towards typing resource;
Fig. 3 is the specific flow chart of the interaction cost driving method for security protection of typing resource.
Specific embodiment
The detailed process of the interaction cost driving method for security protection of typing resource is as follows:
Shown in 001 in step 1) corresponding diagram 3, ownership goal security type resource is inputted, constructing three layers can automatically abstracting
Data map, Information Atlas and knowledge mapping framework;
Shown in 002 in step 2 corresponding diagram 3, the influence power of typing resource is calculated;
INF(SRType) → M [INFSR1, INFSR2…INFSRn]: influence power calculates function INF, is inputting different types of safety
Resource SRTypeAfterwards, the influence power size of each node is calculated, and will affect power calculated result INFSRnIt is suitable by from big to small
Sequence is stored in array M;Influence power (INFSRn) calculate as shown in Equation, wherein deg+Represent the out-degree of node, deg-Represent node
In-degree:
(2)
Shown in 003 in step 3) corresponding diagram 3, the transduction pathway of typing resource is found;
Find(M) → XGDIKni: path function Find is found after obtaining array M by INF function, successively to the INF in MSRn
Path searching is carried out, the number of passes searched out is i, and each path is stored in XGDIKniArray, XGDIKRepresent DGDIK, IGDIKWith
KGDIKIn any one map on typing resource;
Such as shown in Fig. 3, there is one on Information AtlasThe node influence power of=(ABCDEFG), C are maximum, and obtain C
Path have IGDIKOn (ABC) and (ABFGC) two, and can also be according to DGDIKOn=(abcdef) is obtained,
Then i is 3, and three paths are stored in array IG respectivelyDIKn1, IGDIKn2And DGDIKn3;
Shown in 004 in step 4) corresponding diagram 3, the cost of typing resource conversion is calculated;
CountTran(M, XGDIKni) → CostTrans: switching cost calculates function CountTransThe array obtained according to INF function
The XG that M and Find function obtainsDIKni, the switching cost of typing resource is calculated, switching cost Cost is obtainedTrans;
The calculating of CostTrans is as shown in formula (3):
(3)
Wherein, SUnitCostSRTypei-SRTypejIt is the atom cost of typing resource conversion, it is specific as shown in table 2;It is arrived according to M
XGDIKniConversion quantity i total switching cost is calculated;
Shown in 005 in step 5) corresponding diagram 3, the cost of typing Resource Calculation is calculated;
CountCom(M) → CostCom: protection cost calculates function CountCom by the cost and search cost group of destruction node
At calculating is as shown in formula:
(4)
Wherein, PerdesIt is the unit cost destroyed, PerSeIt is the unit cost of search;
The atom cost of the typing resource of table 2. conversion
Shown in 006 in step 6) corresponding diagram 3, the safeguard protection of dynamic interaction cost driving is carried out;Compare(CostA,
CostTrans, CostCom, CostP) → Finalni: interaction cost driving function Compare is in input CostTransAnd CostCom
Afterwards, the total cost Cost of typing resource is calculatedTot, CostTot=CostTrans+CostCom;After compare CostTotWith attacker
It is expected that attack cost CostAIt is compared, there is following three kinds of situations:
Situation 1: work as CostTot>CostA, and the expected investment Cost of userP<CostTotWhen, selection is protected next in M
A typing resource;Work as CostP≥CostTotWhen, take CostTotThe smallest conversion plan;
Situation 2: work as CostTot<CostAWhen, other conversion plans are chosen, until there is the case where Situation1;
Situation 3: work as CostTot=CostAWhen, other conversion plans are chosen, until there is the case where Situation1.
Claims (11)
1. the interaction cost driving method for security protection that the present invention is typing resource;The present invention is based on data map, hum patterns
Spectrum and three layers of knowledge mapping can automatically abstracting adjustment knowledge mapping framework, secure resources are divided into data safety resource, information
Secure resources and knowledge security resource, and protect cost and attacker to attack cost protection of resources cost, Protector and count
It calculates, is divided into three kinds of distinct interaction situations, and be directed to these three different dynamic interaction situations, in explicit and implicit secure resources feelings
Change static resource by additions and deletions under shape to look into, is destroyed dynamic resource not;
Data map (DGDIK): DGDIK: = collection {array, list, stack, queue, tree,
graph}
DGDIKIt is that various data structures include array (array), chained list (list), stack (stack), queue (queue), set
(tree) and the set (collection) of figure (graph) etc..
2. data map can recorde the basic structure of entity, in addition, data map can also record time and space topological knot
The frequency of structure;
Information Atlas (IGDIK): IGDIK:=compositiontime{DDIK};
IGDIKContain time relationship possessed by the data safety resource under special scenes;IGDIKIt is indicated in the form of digraph
Interactive relation and conversion between information security resource;IGDIKIt can recorde the interaction between entity, this interactive relation includes
Direct interactive relation and indirect interaction relationship;
Knowledge mapping (KGDIK): KGDIK:=collectionconsistent{RulesStatistic OR Logical}category;
KGDIKIt is the experience by being gone out with empirical statistics to express, the experience of these empirical statistics is with potential fundamental
What classification indicated;
Typing resource (TRDIK): TRDIK:=< DDIK, IDIK, KDIK>。
3.DDIKRepresent writing a Chinese character in simplified form for data, IDIKRepresentative information is write a Chinese character in simplified form, KDIKRepresent writing a Chinese character in simplified form for knowledge.
4.DDIKDo not specified by specific stakeholder or machine.
5.DDIKThe object observed directly is expressed as to the general sense only comprising its necessity mark.
6.IDIKRepresent the D that the mankind directly or indirectly observe or interactDIKOr IDIK。
7.KDIKRepresent abstract DDIK, IDIKAnd KDIK, these DDIK, IDIKAnd KDIKIt is as a whole with limited or unlimited
What complete manner carried out.
8. utilizing KDIKCome reasoning and prediction unknown resources or do not observe, but in DDIK, IDIKAnd KDIKAspect occurs for a certainty
Relationship.
9. typing resource converts (Tran): Tran:=< TranD-D, TranD-I, TranI-D, TranI-I, TranI-K, TranK-I,
TranK-K>
TranD-DFor DDIKIt is converted to DDIKSituation: for example know DDIK1" Xiao Li " and DDIK2" students' dining hall " can speculate small
Lee's identity DDIKIt is student;TranI-IFor IDIKIt is converted to IDIKSituation: for example learn that " the daily 7:00 of Mr. Wang is on time from family
In set out, 8:00 reaching on the time lawyer's office " IDIK, the I of " Mr. Wang works in lawyer's office " can be deducedDIK;
TranD-IFor DDIKIt is converted to IDIKSituation: for example learn king classmate clap a photo on have DDIK" September 11:00 on the 1st ",
" coconut palm woods ", " N20 ° 02 ' 45.97 of north latitude " E110 ° 11 ' 38.39 of east longitude ", can speculate " king classmate September 11:00 on the 1st is at Haikou "
IDIK;TranI-DFor IDIKIt is converted to DDIKSituation: for example this is carved with a robot, does not have any recognition of face
Function will allow it is judged that the D of 100 people in frontDIK" gender " convenes and carries out running training on this 100 people to playground, according to IDIK
" 800 meters of tracks " and " running 800 meters of length of time ", in the D that can measure 100 people to a certain degreeDIK" gender ";TranK-K
For KDIKIt is converted to KDIKSituation: for example according to KDIK" under normal conditions, women figure is smaller than male, but the two enteron aisle is the same
It is long " K can be pushed away to obtainDIK" women is more also easy to produce satiety ";TranI-KFor IDIKIt is converted to KDIKSituation: for example have I at this timeDIK
" the clock heartbeat of male's average minute is 80 times " and " the clock heartbeat of women average minute is 72 times ", can push away to obtain knowledge rule KDIK
" women heartbeat is slower than male heartbeat ";TranK-IFor KDIKIt is converted to IDIKSituation: for example predict a rabbit movement rail
Mark IDIK, it enters from A, by B, be now to predict it next toward C still D run, hang one on C at this time
Root carrot, there is nothing on D door, according to the K of " rabbit love eats carrot "DIK, push away rabbit will run toward C;
To the conversion process of typing resource as shown in algorithm 1;
Safety (SE): secure resources refer to frequency of use height, have public characteristic, that is, have the resource of extensive influence power;Protection safety
Resource refers to that protection frequency of use is high, has public characteristic, that is, influences extensive resource, is destroyed static security resource not,
Dynamic security resource correctly executes;After traversing all types resource, the full resource distribution based on acquisition acquires resource
It influences, the influence power of resource is bigger, illustrates that this resource is public, typing secure resources;Influence power (the F of resourceSR)
Formula is as follows:
(1)
Wherein, f(TRDIK, t) and indicate frequency of use function, function learning usage type resource TRDIKWith time when using
The relationship of t obtains the frequency of use and expected frequency of use of targeted security resource, g(Atr, Op) it is that public characteristic calculates function,
Similarity between the attribute Atr and operation Op of analysis type resource entity, judges public between target type resource
Feature;
Typing secure resources (SRDIK): SRDIK:=< SRType, SRScale >
SRType:={SDDIK, SIDIK, SKDIK, wherein SDDIKRepresent data safety resource, SIDIKRepresentative information secure resources,
SKDIKRepresent knowledge security resource;SRScaleRepresent the specification of each type resource;SIDIKIt indicates between secure entity
Interactive relation and cooperation relation;By carrying out classification pumping to intersection record relevant to secure entity dynamic behaviour or behavior record
As obtaining SK in the form of statistical rulesDIK;SK is inferred to from known resourceDIK, and (if tested, adjusted by technology appropriate
Look into) necessary SI is collected in reasoning processDIK。
10. from SIDIKTo SDDIKConversion, both can be used as from the generalities process for being related to entity, and can also be used as a kind of pumping
As that will include SIDIKCoherent element be selectively mapped to SDDIKElement in object element structure.
11. obtaining SD by the object for observing a static specific timeDIK;SKDIKElement or in their classification
Bottom fine granularity example (such as sub- attribute or sub-operation) it is associated, or pass through purely logical reason or mathematical computations connection;
From SKDIKTo SIDIKAnd SDDIKTop-down influence be by time creatively by SKDIKContent resolution be
SIDIKAnd SDDIKIt realizes;
The interaction cost driving method for security protection detailed process of typing resource is as follows:
Step 1) input ownership goal security type resource, construct three layers can automatically abstracting data map, Information Atlas
With knowledge mapping framework;
Step 2 calculates the influence power of typing resource;INF(SRType) → M [INFSR1, INFSR2…INFSRn]: influence power calculates
Function INF is inputting different types of secure resources SRTypeAfterwards, the influence power size of each node is calculated, and will affect power
Calculated result INFSRnArray M is stored in by sequence from big to small;Influence power (INFSRn) calculate as shown in Equation, wherein deg+Represent the out-degree of node, deg-Represent the in-degree of node:
(2)
Step 3) finds the transduction pathway of typing resource;Find(M) → XGDIKni: it finds path function Find and is passing through INF letter
After number obtains array M, successively to the INF in MSRnPath searching is carried out, the number of passes searched out is i, each path deposit
XGDIKniArray, XGDIKRepresent DGDIK, IGDIKAnd KGDIKIn any one map on typing resource;Such as in hum pattern
There is one in spectrumThe node influence power of=(ABCDEFG), C are maximum, and there is IG in the path for obtaining CDIKOn (ABC) and
(ABFGC) two, and can also be according to DGDIKOn=(abcdef) is obtained, and then i is 3, and three paths are divided
It Cun Ru not array IGDIKn1, IGDIKn2And DGDIKn3;
Step 4) calculates the cost of typing resource conversion;CountTran(M, XGDIKni) → CostTrans: switching cost calculates letter
Number CountTransThe XG that array M and the Find function obtained according to INF function obtainsDIKni, to the switching cost of typing resource
It is calculated, obtains switching cost CostTrans;The calculating of CostTrans is as shown in formula (3):
(3)
Wherein, SUnitCostSRTypei-SRTypejIt is the atom cost of typing resource conversion, it is specific as shown in table 2;It is arrived according to M
XGDIKniConversion quantity i total switching cost is calculated;
Step 5) calculates the cost of typing Resource Calculation;CountCom(M) → CostCom: protection cost calculates function
CountCom is made of the cost and search cost of destruction node, is calculated as shown in formula:
(4)
Wherein, PerdesIt is the unit cost destroyed, PerSeIt is the unit cost of search;
The atom cost of the typing resource of table 2. conversion
The safeguard protection of step 6) progress dynamic interaction cost driving;Compare(CostA, CostTrans, CostCom, CostP) →
Finalni: interaction cost driving function Compare is in input CostTransAnd CostComAfterwards, typing resource total generation is calculated
Valence CostTot, CostTot=CostTrans+CostCom;After compare CostTotWith the expected attack cost Cost of attackerAIt is compared,
There are following three kinds of situations:
Situation 1: work as CostTot>CostA, and the expected investment Cost of userP<CostTotWhen, selection is protected next in M
A typing resource;Work as CostP≥CostTotWhen, take CostTotThe smallest conversion plan;
Situation 2: work as CostTot<CostAWhen, other conversion plans are chosen, until there is the case where Situation1;
Situation 3: work as CostTot=CostAWhen, other conversion plans are chosen, until there is the case where Situation1.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811111385.3A CN109344649B (en) | 2018-09-23 | 2018-09-23 | Interactive cost driving safety protection method of typed resources |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811111385.3A CN109344649B (en) | 2018-09-23 | 2018-09-23 | Interactive cost driving safety protection method of typed resources |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109344649A true CN109344649A (en) | 2019-02-15 |
CN109344649B CN109344649B (en) | 2020-07-07 |
Family
ID=65306543
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811111385.3A Active CN109344649B (en) | 2018-09-23 | 2018-09-23 | Interactive cost driving safety protection method of typed resources |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109344649B (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101415595A (en) * | 2006-02-15 | 2009-04-22 | 通用电气公司 | Method and system for wireless locomotive remote control using implicit message sequence numbering |
CN107066634A (en) * | 2017-06-25 | 2017-08-18 | 海南大学 | A kind of resource storage efficiency optimization method for the data-oriented collection of illustrative plates, Information Atlas and knowledge mapping for putting into driving |
CN107229878A (en) * | 2017-06-28 | 2017-10-03 | 海南大学 | A kind of resource security protection method based on data collection of illustrative plates, Information Atlas and knowledge mapping for putting into the security definable determined |
US20180048661A1 (en) * | 2016-08-15 | 2018-02-15 | International Business Machines Corporation | Cognitive offense analysis using contextual data and knowledge graphs |
CN108429748A (en) * | 2018-03-09 | 2018-08-21 | 海南大学 | Put into the Internet of Things resource security protection method of driving |
-
2018
- 2018-09-23 CN CN201811111385.3A patent/CN109344649B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101415595A (en) * | 2006-02-15 | 2009-04-22 | 通用电气公司 | Method and system for wireless locomotive remote control using implicit message sequence numbering |
US20180048661A1 (en) * | 2016-08-15 | 2018-02-15 | International Business Machines Corporation | Cognitive offense analysis using contextual data and knowledge graphs |
CN107066634A (en) * | 2017-06-25 | 2017-08-18 | 海南大学 | A kind of resource storage efficiency optimization method for the data-oriented collection of illustrative plates, Information Atlas and knowledge mapping for putting into driving |
CN107229878A (en) * | 2017-06-28 | 2017-10-03 | 海南大学 | A kind of resource security protection method based on data collection of illustrative plates, Information Atlas and knowledge mapping for putting into the security definable determined |
CN108429748A (en) * | 2018-03-09 | 2018-08-21 | 海南大学 | Put into the Internet of Things resource security protection method of driving |
Non-Patent Citations (2)
Title |
---|
DENG ZHAO 等: "An Energy-Aware Service Composition Mechanism in Service-Oriented Wireless Sensor Networks", 《2017 IEEE INTERNATIONAL CONGRESS ON INTERNET OF THINGS (ICIOT)》 * |
惠赟: "组织隐性知识共享的管理机制研究", 《中国博士学位论文全文数据库 经济与管理科学辑》 * |
Also Published As
Publication number | Publication date |
---|---|
CN109344649B (en) | 2020-07-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Hu et al. | Understanding the topic evolution of scientific literatures like an evolving city: Using Google Word2Vec model and spatial autocorrelation analysis | |
Weisheimer et al. | Addressing model error through atmospheric stochastic physical parametrizations: Impact on the coupled ECMWF seasonal forecasting system | |
Evans et al. | Using statistical physics to understand relational space: a case study from Mediterranean prehistory | |
Pham et al. | Towards integrating real-world spatiotemporal data with social networks | |
Hegelich | Deep learning and punctuated equilibrium theory | |
Knox et al. | The Routledge Companion to Philosophy of Physics | |
Hu et al. | Essence Computation Oriented Multi-semantic Analysis Crossing Multi-modal DIKW Graphs | |
Nasution et al. | Entrepreneurship intention prediction using decision tree and support vector machine | |
Li et al. | TeAST: Temporal Knowledge Graph Embedding via Archimedean Spiral Timeline | |
Yuan et al. | A typology of spatiotemporal information queries | |
CN109344649A (en) | The interaction cost of typing resource drives method for security protection | |
Matisziw et al. | Measuring spatial correspondence among network paths | |
Liu | The diffusion of scientific ideas in time and indicators for the description of this process | |
Shen et al. | Exploring the construction and application of spatial scene knowledge graphs considering topological relations | |
Kim et al. | Construction of disaster knowledge graphs to enhance disaster resilience | |
Yan et al. | Multilevel Robustness for 2D Vector Field Feature Tracking, Selection and Comparison | |
Li et al. | The analysis of research hot spot and trend on artificial intelligence in education | |
Xu et al. | Understanding human mobility: A multi-modal and intelligent moving objects database | |
Lam | Abrupt climate changes and tipping points: Epistemic and methodological issues | |
Andriani | Application of C4. 5 algorithm for detection of cooperatives failure in province level | |
Liu et al. | Secure data publishing of private trajectory in edge computing of iot | |
Yang | Clustering analyzing of undergraduate schools based on k-means algorithm | |
Volchenkov | Assessing Complexity of Urban Spatial Networks | |
Zhang et al. | Transfer learning for urban computing: A case study for optimal retail store placement | |
CN109063214B (en) | The resource hiding method that the typing data and its figure of value driving indicate |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |