Research On Customized Data Security Exchange Model And Key Techniques

With the development of information technology, internal information systems have been set up to meet the business efficiency need required by government, military and corporations. Information systems built for different requirement and importance are not able to connected with one another, because of information leakage. To share information between systems, data security exchange is particularly important.Aiming at needs and characteristics of data security exchange, the dissertation studies the customized data security exchange model. Its key techniques, the exchange network connection method and the exchange behavior evaluation methods, are studied. The main contents of the dissertation are as follows:1. Aiming at the lack of theoretic support for data security exchange, propose a Customized Data Security Exchange model(CDSE). deeply analyse data security exchange principle and pattern, combine the characteristics of the data security exchange, proposes customized data security exchange model,describe the elements, operations and constrains in the model, give the CDSE’s work procedure and analyse its security. Form a customized data exchange chain, set foundation for trustworthy, controlled and ordered data security exchange.2. Aiming at the malicious process’s connection to exchange network, propose a process trustworthiness-based exchange network connection method, propose a process trustworthiness-based exchange network connection architecture(PTENC), study the process running environment trustworthiness and runtime trustworthiness. Propose a exclusive exchange process running environment trustworthiness measurement method based on dependency graph and runtime dynamic trustworthiness measurement method based on key segments.3. Aiming at the request for reliable and controlled behavior in data security exchange, study the multi-demention process behavior evaluation model and its optimization. To solve the problem of model building and selecting, propose a multi-demention process behavior evaluation model based on Boolean function and its fusion algorithm, propose a optimization method for process behavior evaluation model based on decision tree, apply it to data security exchange.4. Aiming at the requirement for function and security, design and implement prototype of customized data security exchange system, according to customized data security model, and its key modules,exchange task customization module, process trustworthiness measurement module and process behavior evaluation module, which verifies the theory and techniques’feasibility.