| A security architecture designed to meet specific security requirements is a key component of a distributed information system architecture. It defines appropriate security services and mechanisms and allocates them to components of the system architecture. Research and practice shows that the development of a perfect and applicable security architecture is a precondition to provide effective and appropriate safeguards for distributed information systems. However the security architecture is a complex entity that cannot be described in a simple one-dimension fashion hi practice. To solve this problem, a three-view security architecture framework is presented in the thesis. This Framework organizes the description of a security architecture using three concurrent views, which describe three particular aspects of the security architecture and address separately the concerns of the various 'stakeholders'.In light of security requirements analysis being a crucial step during the security architecture design process, the thesis first discusses two important issues in security requirements engineering, which are the categories and the analysis procedure of security requirements. Here the security requirements are classified as two categories: functional security requirements and non-functional security requirements. Also the security hazard analysis model and the security risk analysis model are presented, as well as the methods of security requirements specification and the corresponding improvements are introduced.Based on the above three-view framework, the thesis proposes a generic security architecture model for distributed information systems. This model is comprised of three parts as follows: The Security Service View ModelQuality of Security Service (QoSS) refers to the ability of a security system to satisfy the security service requirements of users. Based on QoSS, a security service view model is presented here, which includes variant security, Strength of Mechanism Level (SML), adaptive security policy and so on. QoSS is a crucial factor hi calculating costs of security services and satisfaction degree of users. The corresponding methods are also introduced here. And then on the basis of this model, a User-Oriented Security Service Framework (UOSSF) is designed, which hides the details of the actual implementation and provides a satisfactory service environment for users. The Security Organization and Management View ModelTo cope with the complex and varied network environment, a multiagent-based security system organizational structure model is presented here. The thesis describes this model from three levels, which are the system analysis level, the subsystem analysis level and the agent analysis level. Base on this model, the thesis proposes a process-oriented dynamic security management model, which discuss the security management issues from the aspects of the lifecycle process and the system deployment and maintenance processes. These two modelscompose an integrated security organization and management view model. The Security Technical View ModelBased on the existing security technical framework, the thesis introduces the categories and hierarchy of components of the security technical view.In order to describe these three views clearly and systemically in the security architecture design, a series of description methods are presented and the basic steps of designing the views are given, respectively.Finally, on the background of the project "Research of the Satellite Information Resource Management and Share System", the thesis provides an example of the three-view security architecture, which verifies the feasibility and practicability of the three-view model.
|
PDF Full Text Request