CN103268450B - Mobile intelligent terminal system security assessment system model and appraisal procedure based on test - Google Patents

Mobile intelligent terminal system security assessment system model and appraisal procedure based on test

Info

Publication number
CN103268450B
Authority
CN
China
Prior art keywords
layer
test
assessment
security
index
Prior art date
Legal status
Expired - Fee Related
Application number
CN201310222440.7A
Other languages
Chinese (zh)
Other versions
CN103268450A (en)
Inventor
唐杰
荆博猷
Current Assignee
Chengdu Haoboyi Science & Technology Co Ltd
Original Assignee
Chengdu Haoboyi Science & Technology Co Ltd
Abstract

The invention discloses a test-based security assessment system model and assessment method for mobile intelligent terminal systems. The system model comprises a security evaluation layer and a security test layer. The security evaluation layer is the upper part and is divided, from top to bottom, into a risk layer, a threat layer and a vulnerability layer; the security test layer is the lower part and is divided, from top to bottom, into a security function layer, a test layer and a security criterion layer. The assessment method comprises the following steps: the test layer runs the tests; the evaluation layer assesses the test results; the relative weights are calculated; the judgment matrices are checked for consistency; the score vector of each layer's security evaluation result is calculated; and the assessment result table is drawn up from the results of each layer. The invention takes the characteristics of mobile intelligent terminals into account and uses the AHP algorithm together with security testing to realize a multi-level evaluation of mobile intelligent terminals that combines objective testing with subjective assessment and qualitative judgement with quantitative analysis; the assessment results are highly persuasive.

Description

Mobile intelligent terminal system security assessment system model and appraisal procedure based on test
Technical field
The present invention relates to the field of mobile information security evaluation, and in particular to a test-based security assessment system model and assessment method for mobile intelligent terminal systems.
Background art
With the rapid development of mobile communication technology and the mobile Internet, mobile intelligent terminals have come into wide use in personal daily life and in the information systems of governments, enterprises, banks and the military. Unlike traditional mobile phones, mobile intelligent terminals store more personal privacy, account information, work documents, trade secrets and even valuable information. These private data often concern the property and reputational security of the individual or organisation using the terminal. The main form of attack on terminals at present is still to exploit weaknesses and vulnerabilities in the security mechanisms of the intelligent terminal operating system in order to produce large quantities of malware, viruses and remote-control programs, which pose a serious threat to terminal security. A security evaluation of the mobile intelligent terminal operating system is therefore the basis for ensuring terminal security.
At present there is no unified standard for assessing the security of mobile intelligent terminals. The Chinese standards "Mobile Terminal Information Security Specification" and "Mobile Terminal Information Security Testing Method" are aimed mainly at relatively simple conventional mobile phone operating systems. The US standard "Guidelines on Cell Phone and PDA Security" is currently the most mature security criterion for mobile intelligent terminals.
A scientific security evaluation must be built on security testing against security criteria. Because the software and hardware resources of mobile intelligent terminal operating systems are relatively scarce, traditional computer-system security measures are not suitable for them. Current security evaluation of mobile intelligent terminals is therefore still mainly built on subjective assessment and analysis; it lacks a sound fusion of objective, criterion-based security testing with quantitative calculation and analysis, so its assessment results are often unconvincing.
Summary of the invention
The object of the invention is to overcome the deficiencies of the prior art by providing a test-based security assessment system model and assessment method for mobile intelligent terminal systems that takes the characteristics of mobile intelligent terminals into account, uses the AHP algorithm together with security testing, realizes a multi-level evaluation of mobile intelligent terminals combining objective testing with subjective assessment and qualitative judgement with quantitative analysis, and gives highly persuasive assessment results.
This object is achieved by the following technical solution. The test-based mobile intelligent terminal system security assessment system model comprises a security evaluation layer, which provides terminal manufacturers, users or user organisations with an assessment of security risks, attack threats and system vulnerabilities, and a security test layer, which tests the operating system under evaluation against the requirements of the security standard and assesses the degree to which it meets those requirements. The security evaluation layer is the upper part and is divided, from top to bottom, into a risk layer, a threat layer and a vulnerability layer; the security test layer is the lower part and is divided, from top to bottom, into a security function layer, a test layer and a security criterion layer.
The security function layer is divided into several sub-layers.
Between adjacent layers of the evaluation layer, the mapping between upper-layer and lower-layer indices is many-to-many.
Between adjacent layers of the test layer, the mapping between upper-layer and lower-layer indices is one-to-many.
The assessment method for the test-based mobile intelligent terminal system security assessment system model comprises the following steps:
S1: the test layer runs the tests: each test case is executed in turn using the post-order traversal algorithm of the multiway tree, the execution process of each test case is output, and the test result vector β is obtained;
S2: the evaluation layer assesses the test results: for each evaluation index in the evaluation layer, its sub-indices are compared pairwise to obtain the ratios of their relative importance; the degrees of importance are then assigned values by the ratio scale method and the judgment matrix $A_i$ is constructed;
S3: calculation of the relative weights:
First each column vector of the matrix $A_i$ is normalised:
$$\bar a_{ij} = \frac{a_{ij}}{\sum_{i=1}^{n} a_{ij}}, \quad (i = 1, 2, \dots, n) \qquad (2a)$$
Then the rows of the normalised judgment matrix are summed:
$$\bar W_i = \sum_{j=1}^{n} \bar a_{ij}, \quad (i = 1, 2, \dots, n) \qquad (2b)$$
Then the vector $\bar W = (\bar W_1, \dots, \bar W_n)$ is normalised:
$$W_i = \frac{\bar W_i}{\sum_{i=1}^{n} \bar W_i}, \quad (i = 1, 2, \dots, n) \qquad (2c)$$
The components of the normalised vector $W$ are the weights of the assessment elements;
S4: consistency check of the matrices: the consistency ratio CR is calculated for each judgment matrix. When CR = 0 the judgment matrix is perfectly consistent; the larger CR is, the worse the consistency. If CR < 0.1 the judgment matrix is considered acceptably consistent and the calculated results have high credibility; otherwise the judgment matrix must be revised until it is;
S5: calculation of the score vector of each layer's security evaluation result: from the vectors obtained in step S3, the weight matrices $\omega_1$, $\omega_2$ and $\omega_3$ of the three evaluation sub-layers are obtained. $\sigma_3 = \omega_3 \beta^{T}$ gives the vulnerability degree of each index of the vulnerability layer, $\sigma_2 = \omega_2 \sigma_3^{T}$ gives the threat degree of each index of the threat layer, and $\sigma_1 = \omega_1 \sigma_2^{T}$ gives the risk of each index of the risk layer. Finally each evaluation index is judged qualitatively, the indices of each layer are ranked, the assessment results are recorded and the assessment conclusion is given;
S6: the assessment result table is drawn up from the results of each layer: the weak links of the system are located from the vulnerability indices and the test-layer indices so that the terminal system's application scheme can be improved; from the threat indices and risk indices, the threats the terminal system faces now and may face in the future, together with the security risks and their degree of impact, are understood, and corresponding security strategies are formulated to avoid the risks.
The beneficial effects of the invention are as follows:
The invention provides a multi-level, security-criterion-based security evaluation system model for mobile intelligent terminal operating systems that combines the main security threats and risks faced by intelligent terminal operating systems and the relevant risk assessment standards, current computer and mobile terminal operating system security criteria and hierarchical security evaluation methods, and the characteristics of mobile intelligent terminals. Using the AHP algorithm (analytic hierarchy process) together with security testing, it realizes a multi-level evaluation that combines objective testing of mobile intelligent terminals with subjective assessment and qualitative judgement with quantitative analysis; the assessment results are highly persuasive.
Brief description of the drawings
Fig. 1 is a schematic diagram of the security hierarchical evaluation system and its layering;
Fig. 2 is the system security layered assessment model.
Detailed description of the invention
The technical solution of the invention is described in further detail below with reference to the drawings. As shown in Fig. 1, the test-based mobile intelligent terminal system security assessment system model comprises a security evaluation layer, which provides terminal manufacturers, users or user organisations with an assessment of security risks, attack threats and system vulnerabilities, and a security test layer, which tests the operating system under evaluation against the requirements of the security standard and assesses the degree to which it meets those requirements. The security evaluation layer is the upper part and is divided, from top to bottom, into a risk layer, a threat layer and a vulnerability layer; the security test layer is the lower part and is divided, from top to bottom, into a security function layer, a test layer and a security criterion layer. As shown in Fig. 2, between adjacent layers of the evaluation layer the mapping between upper-layer and lower-layer indices is many-to-many, while between adjacent layers of the test layer it is one-to-many. The security function layer is divided into several sub-layers; the evaluation indices of each layer belong to a different security category and provide the security assurance that different users require. The evaluation indices of each layer are defined as follows:
Risk layer: the possible loss and impact to the intelligent terminal's user or organisation when resources in the mobile intelligent terminal system are lost or destroyed as a result of deliberate attack threats;
Threat layer: contains the threat behaviours that attack the mobile intelligent terminal; a threat behaviour is the means by which an attacker achieves a particular aim. The main attack threats to mobile terminals at present are built on weaknesses in their security mechanisms, and because the attack capability of a given threat behaviour differs between environments it must be assessed;
Vulnerability layer: vulnerability is one of the objects of assessment. A threat behaviour may exploit the asset carrier and the weaknesses and defects of the mobile terminal's security mechanisms to cause loss of assets;
Security function layer: assesses the degree to which the specific security functions that a mobile intelligent terminal operating system must have meet the requirements of the security standard. Missing or incomplete security functions, or flaws in the design and implementation of security functions, produce the vulnerabilities of the mobile terminal system; the assessment of the security function layer must be based on the results of the objective tests of the layer below;
Test layer: the most critical level of the system. It maps the security requirements of the security criteria to implementable assessment methods, encapsulates them as test cases, executes each test case under algorithmic scheduling and returns the test results to the upper layer;
Security criterion layer: maps the specific requirements of the standard to the test indices of the security function layer and provides the basis for the test cases of the test layer.
In the assessment method for the test-based mobile intelligent terminal system security assessment system model, the test cases are first executed by post-order traversal of the tree and the test results are obtained from the execution process of each test case. The quantified test results are returned to the evaluation layer, and the indices of the upper five layers are each mapped to the 1 to 9 scale according to Table 1. Based on the test results returned by the test layer, the evaluation layer performs the calculation and analysis with one or more assessment algorithms according to the actual situation. In this embodiment the analytic hierarchy process (AHP algorithm) is used, comprising the following steps:
Table 1: 1 to 9 quantization scale of the indices
S1: the test layer runs the tests: at the test layer each test case is executed in turn using the post-order traversal algorithm of the multiway tree, the execution process of each test case is output, and the test result vector β is obtained;
S2: the evaluation layer assesses the test results: for each evaluation index in the evaluation layer, its sub-indices are compared pairwise to obtain the ratios of their relative importance; the degrees of importance are assigned values by the 1 to 9 ratio scale method of Table 2 and the judgment matrix $A_i$ is constructed;
Table 2: 1 to 9 scale of judgment matrix degrees
S3: calculation of the relative weights:
First each column vector of the matrix $A_i$ is normalised:
$$\bar a_{ij} = \frac{a_{ij}}{\sum_{i=1}^{n} a_{ij}}, \quad (i = 1, 2, \dots, n)$$
Then the rows of the normalised judgment matrix are summed:
$$\bar W_i = \sum_{j=1}^{n} \bar a_{ij}, \quad (i = 1, 2, \dots, n)$$
Then the vector $\bar W = (\bar W_1, \dots, \bar W_n)$ is normalised:
$$W_i = \frac{\bar W_i}{\sum_{i=1}^{n} \bar W_i}, \quad (i = 1, 2, \dots, n)$$
The components of the normalised vector $W$ are the weights of the assessment elements.
S4: consistency check of the matrices: to ensure that the judgment matrix is highly accurate, it must be checked for consistency. The consistency index is calculated as follows:
First the maximum eigenvalue of the matrix is obtained:
$$\lambda_{\max} = \sum_{i=1}^{n} \frac{(AW)_i}{n W_i}$$
Then the consistency index is calculated:
$$CI = \frac{\lambda_{\max} - n}{n - 1}$$
Finally the consistency ratio is calculated:
$$CR = \frac{CI}{RI}$$
If CR < 0.1, the consistency of the judgment matrix is considered acceptable.
Table 3: mean random consistency index RI
When CR = 0 the judgment matrix is perfectly consistent; the larger CR is, the worse the consistency. It is generally held that when CR < 0.1 the judgment matrix is acceptably consistent and the calculated results have high credibility; otherwise the judgment matrix must be revised until it is;
S5: calculation of the score vector of each layer's security evaluation result: from the vectors obtained in step S3, the weight matrices $\omega_1$, $\omega_2$ and $\omega_3$ of the three evaluation sub-layers are obtained. $\sigma_3 = \omega_3 \beta^{T}$ gives the vulnerability degree of each index of the vulnerability layer, and $\sigma_2 = \omega_2 \sigma_3^{T}$ gives the threat degree of each index of the threat layer. $\sigma_1 = \omega_1 \sigma_2^{T}$ gives the risk of each index of the risk layer. Finally each evaluation index is judged qualitatively against Table 1, the assessment results are recorded and the assessment conclusion is given;
S6: the assessment result table is drawn up from the results of each layer: the weak links of the system are located from the vulnerability indices and the test-layer indices so that the terminal system's application scheme can be improved. From the threat indices and risk indices, the threats the terminal system faces now and may face in the future, together with the security risks and their degree of impact, are understood, and targeted security strategies are formulated to avoid the risks.
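Steps S1 and S3 to S5 above (restated again in claim 5) carried through in working code: the following Python is an added example, not code from the patent. The test-case tree and its 1 to 9 results, the judgment matrices and the mapping of indices between layers are all constructed; the RI values are Saaty's standard table, which stands in for Table 3 since the page does not reproduce it.

```python
"""Steps S1 and S3 to S5 of the assessment method in pure Python (added example)."""
from typing import List, Sequence, Tuple

Matrix = List[List[float]]

# Saaty's standard mean random consistency index RI by matrix order n (Table 3 is not on the page).
RI = {1: 0.0, 2: 0.0, 3: 0.58, 4: 0.90, 5: 1.12, 6: 1.24, 7: 1.32, 8: 1.41, 9: 1.45}


def run_tests_postorder(node: dict, beta: List[int]) -> None:
    """S1: walk the test-case tree in post-order; each leaf carries a constructed 1..9 result."""
    for child in node.get("children", []):
        run_tests_postorder(child, beta)
    if "result" in node:  # a leaf test case
        beta.append(node["result"])


def ahp_weights(a: Matrix) -> List[float]:
    """S3: normalise the columns (2a), sum the rows (2b), normalise the sums (2c)."""
    n = len(a)
    col_sums = [sum(a[i][j] for i in range(n)) for j in range(n)]
    a_bar = [[a[i][j] / col_sums[j] for j in range(n)] for i in range(n)]  # (2a)
    w_bar = [sum(row) for row in a_bar]                                    # (2b)
    total = sum(w_bar)
    return [wb / total for wb in w_bar]                                    # (2c)


def consistency_ratio(a: Matrix, w: Sequence[float]) -> float:
    """S4: lambda_max = sum_i (AW)_i / (n W_i); CI = (lambda_max - n) / (n - 1); CR = CI / RI."""
    n = len(a)
    if n <= 2:
        return 0.0  # reciprocal matrices of order 1 or 2 are always consistent (RI is 0)
    aw = [sum(a[i][j] * w[j] for j in range(n)) for i in range(n)]
    lam_max = sum(aw[i] / (n * w[i]) for i in range(n))
    ci = (lam_max - n) / (n - 1)
    return ci / RI[n]


def weights_or_reject(a: Matrix) -> List[float]:
    """Weights of a judgment matrix; a non-reciprocal matrix or CR >= 0.1 means it must be revised."""
    n = len(a)
    bad = [(i, j) for i in range(n) for j in range(n) if abs(a[i][j] * a[j][i] - 1.0) > 1e-9]
    if bad:
        raise ValueError(f"not a reciprocal judgment matrix at {bad[0]}")
    w = ahp_weights(a)
    cr = consistency_ratio(a, w)
    if cr >= 0.1:
        raise ValueError(f"judgment matrix rejected: CR={cr:.3f} >= 0.1")
    return w


def weight_matrix(mapping: Sequence[Tuple[Sequence[int], Matrix]], n_lower: int) -> Matrix:
    """Build omega_k: one row per upper-layer index, one column per lower-layer index. A row
    holds the AHP weights of the lower indices it maps to and 0 elsewhere (many-to-many)."""
    omega = []
    for lower_ids, judgment in mapping:
        row = [0.0] * n_lower
        for idx, w in zip(lower_ids, weights_or_reject(judgment)):
            row[idx] = w
        omega.append(row)
    return omega


def aggregate(omega: Matrix, lower: Sequence[float]) -> List[float]:
    """sigma = omega * lower^T, the matrix-vector product used in S5."""
    return [sum(w * x for w, x in zip(row, lower)) for row in omega]


def assess(beta: Sequence[float], omega3: Matrix, omega2: Matrix, omega1: Matrix):
    """S5: sigma3 = omega3 beta^T, sigma2 = omega2 sigma3^T, sigma1 = omega1 sigma2^T.
    Every omega row sums to 1, so the scores stay on beta's 1..9 scale for the qualitative judgement."""
    sigma3 = aggregate(omega3, beta)
    sigma2 = aggregate(omega2, sigma3)
    sigma1 = aggregate(omega1, sigma2)
    return sigma3, sigma2, sigma1


# Constructed sample: four test cases t0..t3 under two security-function nodes.
TEST_TREE = {"children": [
    {"children": [{"name": "t0", "result": 7}, {"name": "t1", "result": 5}]},
    {"children": [{"name": "t2", "result": 3}, {"name": "t3", "result": 9}]},
]}
# Constructed judgment matrices on the 1..9 scale. Vulnerability index V1 maps to t0..t2
# and V2 to t2,t3; threat T1 maps to V1,V2 and T2 to V2; risk R maps to T1,T2.
A_V1 = [[1, 3, 5], [1 / 3, 1, 3], [1 / 5, 1 / 3, 1]]
A_V2 = [[1, 2], [1 / 2, 1]]
A_T1 = [[1, 3], [1 / 3, 1]]
A_T2 = [[1]]
A_R = [[1, 1 / 2], [2, 1]]
A_BAD = [[1, 3, 1 / 5], [1 / 3, 1, 3], [5, 1 / 3, 1]]  # cyclic judgments, CR > 0.1


def demo():
    """Run S1 on the sample tree, then S3 to S5 up through the three evaluation layers."""
    beta: List[int] = []
    run_tests_postorder(TEST_TREE, beta)  # beta == [7, 5, 3, 9]
    omega3 = weight_matrix([((0, 1, 2), A_V1), ((2, 3), A_V2)], len(beta))
    omega2 = weight_matrix([((0, 1), A_T1), ((1,), A_T2)], 2)
    omega1 = weight_matrix([((0, 1), A_R)], 2)
    return beta, assess(beta, omega3, omega2, omega1)
```

With the sample data, β = [7, 5, 3, 9] yields vulnerability scores of about 6.05 and 5.0, threat scores of about 5.79 and 5.0 and a risk score of about 5.26; passing A_BAD to weights_or_reject shows a judgment matrix being rejected at CR of roughly 1.6.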

Claims (5)

1. A test-based mobile intelligent terminal system security assessment system model, characterised in that it comprises a security evaluation layer, which provides terminal manufacturers, users or user organisations with an assessment of security risks, attack threats and system vulnerabilities, and a security test layer, which tests the operating system under evaluation against the requirements of the security standard and assesses the degree to which it meets those requirements; the security evaluation layer is the upper part and is divided, from top to bottom, into a risk layer, a threat layer and a vulnerability layer; the security test layer is the lower part and is divided, from top to bottom, into a security function layer, a test layer and a security criterion layer; wherein:
Risk layer: the possible loss and impact to the intelligent terminal's user or organisation when resources in the mobile intelligent terminal system are lost or destroyed as a result of deliberate attack threats;
Threat layer: contains the threat behaviours that attack the mobile intelligent terminal; a threat behaviour is the means by which an attacker achieves a particular aim; because the attack capability of a given threat behaviour differs between environments it must be assessed;
Vulnerability layer: vulnerability is one of the objects of assessment; a threat behaviour may exploit the asset carrier and the weaknesses and defects of the mobile terminal's security mechanisms to cause loss of assets;
Security function layer: assesses the degree to which the specific security functions that a mobile intelligent terminal operating system must have meet the requirements of the security standard; missing or incomplete security functions, or flaws in the design and implementation of security functions, produce the vulnerabilities of the mobile terminal system, and the assessment of the security function layer must be based on the results of the objective tests of the layer below;
Test layer: the most critical level of the system; it maps the security requirements of the security criterion layer to implementable assessment methods, encapsulates them as test cases, executes each test case under algorithmic scheduling and returns the test results to the upper layer;
Security criterion layer: maps the specific requirements of the standard to the test indices of the security function layer and provides the basis for the test cases of the test layer;
the weak links of the system are located from the vulnerability indices and the test-layer indices so that the terminal system's application scheme can be improved; from the threat indices and risk indices, the threats the terminal system faces now and may face in the future, together with the security risks and their degree of impact, are understood, and targeted security strategies are formulated to avoid the risks.
2. The test-based mobile intelligent terminal system security assessment system model according to claim 1, characterised in that the security function layer is divided into several sub-layers.
3. The test-based mobile intelligent terminal system security assessment system model according to claim 1, characterised in that, between adjacent layers of the evaluation layer, the mapping between upper-layer and lower-layer indices is many-to-many.
4. The test-based mobile intelligent terminal system security assessment system model according to claim 1, characterised in that, between adjacent layers of the test layer, the mapping between upper-layer and lower-layer indices is one-to-many.
5. An assessment method for the test-based mobile intelligent terminal system security assessment system model, characterised in that it comprises the following steps:
S1: the test layer runs the tests: each test case is executed in turn using the post-order traversal algorithm of the multiway tree, the execution process of each test case is output, and the test result vector β is obtained;
S2: the evaluation layer assesses the test results: for each evaluation index in the evaluation layer, its sub-indices are compared pairwise to obtain the ratios of their relative importance; the degrees of importance are then assigned values by the ratio scale method and the judgment matrix $A_i$ is constructed;
S3: calculation of the relative weights:
First each column vector of the matrix $A_i$ is normalised:
$$\bar a_{ij} = \frac{a_{ij}}{\sum_{i=1}^{n} a_{ij}}, \quad (i = 1, 2, \dots, n)$$
Then the rows of the normalised judgment matrix are summed:
$$\bar W_i = \sum_{j=1}^{n} \bar a_{ij}, \quad (i = 1, 2, \dots, n)$$
Then the vector $\bar W = (\bar W_1, \dots, \bar W_n)$ is normalised:
$$W_i = \frac{\bar W_i}{\sum_{i=1}^{n} \bar W_i}, \quad (i = 1, 2, \dots, n)$$
The components of the normalised vector $W$ are the weights of the assessment elements;
S4: consistency check of the matrices: the consistency ratio CR is calculated for each judgment matrix. When CR = 0 the judgment matrix is perfectly consistent; the larger CR is, the worse the consistency. If CR < 0.1 the judgment matrix is considered acceptably consistent and the calculated results have high credibility; otherwise the judgment matrix must be revised until it is;
The consistency index is calculated as follows. First the maximum eigenvalue of the matrix is obtained:
$$\lambda_{\max} = \sum_{i=1}^{n} \frac{(AW)_i}{n W_i}$$
Then the consistency index is calculated:
$$CI = \frac{\lambda_{\max} - n}{n - 1}$$
Finally the consistency ratio is calculated:
$$CR = \frac{CI}{RI}$$
S5: calculation of the score vector of each layer's security evaluation result: from the vectors obtained in step S3, the weight matrices $\omega_1$, $\omega_2$ and $\omega_3$ of the three evaluation sub-layers are obtained. $\sigma_3 = \omega_3 \beta^{T}$ gives the vulnerability degree of each index of the vulnerability layer, $\sigma_2 = \omega_2 \sigma_3^{T}$ gives the threat degree of each index of the threat layer, and $\sigma_1 = \omega_1 \sigma_2^{T}$ gives the risk of each index of the risk layer. Finally each evaluation index is judged qualitatively, the indices of each layer are ranked, the assessment results are recorded and the assessment conclusion is given;
S6: the assessment result table is drawn up from the results of each layer: the weak links of the system are located from the vulnerability indices and the test-layer indices so that the terminal system's application scheme can be improved; from the threat indices and risk indices, the threats the terminal system faces now and may face in the future, together with the security risks and their degree of impact, are understood, and corresponding security strategies are formulated to avoid the risks.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310222440.7A CN103268450B (en) 2013-06-06 2013-06-06 Mobile intelligent terminal system security assessment system model and appraisal procedure based on test


Publications (2)

Publication Number Publication Date
CN103268450A CN103268450A (en) 2013-08-28
CN103268450B true CN103268450B (en) 2016-06-29

Family

ID=49012078



Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20160629

Termination date: 20180606