Research On Quantitative Analysis Based On Multi-layer Structure For Network Information System Survivability

As we turn into information and network society, network information systems are more important for people's normal life. Though traditional security can improve network information system's security, kinds of intrusions remain as before. Then, we must consider a new security concept, and that is survivability. Survivability breaks limits of traditional security concepts, and emphasizes the abilities of network information systems to achieve their main missions in a timely manner, while they are suffering from attacks, faults, or accidents. Main idea of survivability is that the systems can achieve their main missions, and timely recovery the damaged services, even after intrusions succeed, the main components are damaged or destroyed. Survivability has become a new direction of studies on information security.In the research of survivability, there are two major fields: survivability design and survivability analysis, and the latter mostly study how to evaluate system survivability, whose purpose is to provide an evaluation standard for realizing survivability certification.At present, the research result of survivability is far from mature, which can be concluded as following: the definition of survivability was not unified, and most researches are on qualitative analysis and theoretical quantitative analysis which is far from being applied in practice.This thesis focuses on quantitative analysis process of network information system, which is composed of the following aspects:Firstly, based on comparing survivability with correlative concept such as dependability, fault tolerance and QoS, the definition of survivability is gived by formalization based on the relations between system and environment.Secondly, study the survivability analysis models which are existed. Like dividing a complex problem into simple subproblmes in Software Engineering, A multi-layer analysis model is proposed based on system model and environment model. The models fully consider the feasibility of practice: system components are combined through system service which avoids system's complex structure; Multi-layer analysis model of system state is provided, which avoids definition of system state and analysis of state transitions in the traditional system state-based analysis model.Thirdly, based on multi-layer analysis model of system state, a quantitative analysis method of survivability is provided, and survivability is computed through resistance, recognition, recovery and adaption, which contribute to the survivability degradation in the future.Fourthly, with integrate the steps in analysis of survivability, an improved quantitative analysis process of survivability is provided. The entire analysis process is composed of six steps, which can be concluded into four phases: system definition, environment definition, survivability test and result analysis. Comparing with SNA method, this analysis process realizes quantitative analysis of survivability, and the event database in the process makes the analysis more simple and fair.