Research on security evaluation of XML communication protocol

被引:0
作者
机构
[1] Civil Aviation University of China, College of Computer Science and Technology
[2] Swiss Federal Institute of Technology in Lausanne, School of Computer and Communication Science
来源
Xie, L. (lxxie@126.com) | 1600年 / Academy Publisher卷 / 08期
关键词
Protocol; Security evaluation; Sphere model; Three-dimensionalc;
D O I
10.4304/jsw.8.6.1428-1435
中图分类号
学科分类号
摘要
According to the problem in communication protocol security assessments, a new protocol security comprehensive evaluation method based on the threedimensional sphere model is presented. In this method, a three-dimensional security evaluation index system was built through positions of index on the external of spherical shell. Evaluation index weights of the top two levels were obtained through the analytic hierarchy process (AHP), with sphere radius and the retractable angles. Then, security components' values of communication content, communication load and security vulnerability of XML communication protocol were calculated. Finally, the security evaluation result of XML communication protocol was obtained through quantization calculation and comprehensive analysis method. The experimental results demonstrate that our method can meet the needs of communication protocol security evaluating effectively. © 2013 ACADEMY PUBLISHER.
引用
收藏
页码:1428 / 1435
页数:7
相关论文
共 11 条
  • [1] Alrouh B., Ghinea G., A performance evaluation of security mechanisms for web services, Proceedings of the 2009 Fifth International Conference On Information Assurance and Security, pp. 715-718, (2009)
  • [2] Tang K., Chen S., Levy D., A performance evaluation of web services security, Proceedings of the 10th IEEE International Enterprise Distributed Object Computing Conference, pp. 67-78, (2006)
  • [3] Li J., Chen H., Deng F., A security evaluation method based on threat classification for web service, Journal of Software, 6, 4, pp. 595-603, (2011)
  • [4] Cheng R., Research and Implementation of Security Mechanism of SOAP Message Exchange Based On SOA, (2008)
  • [5] Xu Y., Xie X., Modeling and analysis of security protocols using colored Petri Nets, Journal of Computers, 6, 1, pp. 19-27, (2011)
  • [6] Mi Q., University Teaching Principle, pp. 97-100, (1989)
  • [7] Xu Y., Tang W., Wu B., Design principle and application of S&T evaluation index system, Soft Science In China, 30, 2, pp. 48-51, (2010)
  • [8] Yang H., Xie L., Zhu D., A vulnerability severity grey hierarchy analytic evaluation model, Journal of University of Electronic Science and Technology of China, 39, 5, pp. 778-782, (2010)
  • [9] Pang J., Peng X., Trustworthy web service security risk assessment research, Proceedings of the 2009 International Forum on Information Technology and Applications. Piscataway NJ: IEEE Computer Society, pp. 417-420, (2009)
  • [10] Zhou X., Study On the Selection of Marine Heat Source System Based On Fuzzy Comprehensive Evaluation Method, (2010)
12