没有合适的资源?快使用搜索试试~ 我知道了~
首页SEAT图法提升无处不在系统安全:实时优化与策略生成
SEAT图法提升无处不在系统安全:实时优化与策略生成
0 下载量 162 浏览量
更新于2024-08-26
收藏 1.42MB PDF 举报
本文主要探讨了在无处不在的计算系统设计中如何通过SEAT图方法进行安全感知优化。随着信息技术的发展,确保系统的安全性日益成为设计者的重要考量因素,尤其是在性能、能耗与安全等多方面需求并存的背景下。SEAT图是一种创新的图形模型,它能够直观地表示任务间的实时约束和优先级,帮助设计师明确应用的安全需求。 文章的核心贡献是提出了一种名为整数线性规划安全性优化(ILP-SOP)的算法,该算法在满足实时性约束的前提下,寻求最优的安全策略,以实现最大的总体安全强度。针对特定的系统结构,如简单路径图和树,作者还开发了基于动态规划的DPSOP-path和DPSOP-tree算法,它们能够在这些特殊情况中找到最佳安全策略。 实验证明,采用SEAT图方法及其优化算法在无处不在的计算系统中具有显著的效果。实验结果显示,通过应用本文技术,系统的安全强度平均提高了44.3%,这显示出这种方法在实际应用中的优越性能和效率提升。这不仅有助于提升系统的安全性,还能有效地平衡系统资源的分配,确保在实时性和安全性之间找到最佳的平衡点。 此外,文章强调了安全策略的选择与加密算法的组合对系统安全的重要性,强调了在设计过程中应综合考虑各种加密算法的适用性和性能影响。通过对实时性和安全性的统一管理,SEAT图方法为无处不在计算系统的安全设计提供了一种有效的工具。 总结来说,这篇文章深入研究了如何运用SEAT图作为图形模型和优化算法来解决无处不在计算系统中的安全问题,其方法和技术对于提升此类系统在复杂环境下的安全保障具有重要意义。
资源详情
资源推荐
520 M. Qiu et al. / Journal of Computer and System Sciences 79 (2013) 518–529
full use of the slack time to incorporate security overhead into the process of scheduling tasks. Moreover, conventional
scheduling algorithms lack the capability to generate the optimal security strategy.
Recently, integrating cryptographic algorithms into ubiquitous real-time applications has received more attention. In [3],
Xie et al. proposed a Security-Aware Scheduling Algorithm (SASES) to improve the security of embedded system applications
composed of independent periodic tasks. The SASES algorithm is a heuristic algorithm based on the dynamic scheduling
algorithm EDF. It cannot guarantee predictability and optimality of the security strategy. In [14], Xie et al. proposed a task
allocation scheme named TPADPS to maximize the security quality and schedulability for real-time applications with task
dependence. In [4], Lin and Yang proposed an ILP model to solve the static schedulability driven security optimization
problem. Their method can only be applied to applications with independent periodic tasks.
In order to achieve the maximal system security strength and to guarantee the real-time schedulability, two critical
issues, i.e., quantitative security strength and computational overhead models, need to be solved. Researchers have worked
on quantitative measurements of the security strength of various cryptographic algorithms. Irvine and Levin [13] proposed a
security taxonomy and overhead framework. Xie et al. also proposed overhead models [12] that can approximately measure
security overheads experienced by tasks with security requirements. They mainly considered the security overhead model
for three types of basic and widely deployed security services: confidentiality, integrity, and authentication. The security
strength of various algorithms is quantized as quantitative security levels.
Similar to the level-based security model, Yang et al. [4] proposed a group based security model. They assume that the
system has different services with different quality. In [14] and [4], the overall system security strength is a weighted sum
of security strength of selected security algorithms. Note that how to accurately express the overall security strength is still
a challenge and open issue.
In this paper, we propose to use the risk-free probability to measure the security strength of each security algorithm.
Thereby, the overall strength of a security strategy is the product of these probability values.
3. Basic models and definitions
In this section, first we introduce the basic models which will be used in the later sections. Then, we formally define the
security optimization problem in this paper.
3.1. Security-aware task graph model
A large number of ubiquitous applications are implemented in a periodic manner, in which a set of tasks are executed
periodically. Previous literature uses independent task models to study the real-time scheduling problem [3,4].However,the
precedence relationship among tasks must be taken into account in many real applications. For example, in a video monitor
system, video signal capture, coding, compression, and transition are set of dependent tasks and executed in an identical
period.
In this paper, we propose the SEAT graph model to specify a real-time ubiquitous application. The precedence relationship
among tasks can be represented by directed edges of a SEAT graph. Security requirements and timing constraints can be
regarded as attributes of task nodes. The formal definition of the SEAT graph model is stated as follows.
Definition 3.1 (Security-aware task graph). ASEATG
=V , E, L, a(v) is a directed graph, where V is a set of tasks, E ⊆ V × V
is a set of edges that define the precedence relationships among task nodes in V , L represents the deadline of a single
iteration of the SEAT, a
(v) ={t(v), d(v), s
v
} is the attribute vector of task v, where t(v) denotes the execution time of
task v, d
(v) denotes the amount of data (measured in KB) that needs security protection, s
v
={s
1
v
, s
2
v
,...,s
n
v
} is the security
vector of task v,thevalueofs
i
v
represents the security requirement of the ith security service for task v.
We assume that all tasks in a SEAT have the same rate, i.e. the period of each task is identical. Therefore, the real-
time requirement can be guaranteed via deadline L.Anedgee
(v
i
→ v
j
) in E denotes that task v
j
cannot be executed
until task v
i
is completed. Note that in a SEAT the value of s
i
v
of the security vector s
v
is only the lower bound security
requirement of the ith security service for task v. In the next section, we present a general model to formulate the security
level of the application.
3.2. Security model
The security of a ubiquitous system is an ability of a system to withhold various attacks. The overall system secu-
rity strategy is composed of diverse security services such as data integrity, confidentiality, and authentication. And each
security service can be implemented by different cryptographic algorithms which lead to different security strength and
computational overhead.
For example, data confidentiality can be implemented by RC4 and AES cryptographic algorithms. RC4 is a very fast
algorithm since it uses only 7 CPU clock cycles per byte of output on a Pentium CPU architecture [18]. The memory space
cost of RC4 is also very low, say only 256 bytes of RAM. Hence, it was one of the best encryption schemes of the past
decade. However, Fluhrer et al. have discovered several vulnerabilities in the RC4 algorithm [19] that make it unsafe for
剩余11页未读,继续阅读
weixin_38560275
- 粉丝: 2
- 资源: 916
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
- JDK 17 Linux版本压缩包解压与安装指南
- C++/Qt飞行模拟器教员控制台系统源码发布
- TensorFlow深度学习实践:CNN在MNIST数据集上的应用
- 鸿蒙驱动HCIA资料整理-培训教材与开发者指南
- 凯撒Java版SaaS OA协同办公软件v2.0特性解析
- AutoCAD二次开发中文指南下载 - C#编程深入解析
- C语言冒泡排序算法实现详解
- Pointofix截屏:轻松实现高效截图体验
- Matlab实现SVM数据分类与预测教程
- 基于JSP+SQL的网站流量统计管理系统设计与实现
- C语言实现删除字符中重复项的方法与技巧
- e-sqlcipher.dll动态链接库的作用与应用
- 浙江工业大学自考网站开发与继续教育官网模板设计
- STM32 103C8T6 OLED 显示程序实现指南
- 高效压缩技术:删除重复字符压缩包
- JSP+SQL智能交通管理系统:违章处理与交通效率提升
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功