Risk Correlation And Assessment Algorithms For Secure Interoperation In Multi-Domain Environment

With the development of Internet and distributed system technology, massive distributed system is largely increased. In order to simplify the distributed and complicated system, the autonomous domain method is used to split the distributed application system. Therefore from the point of security, the distributed system is composed of multi-domain in the reality. it is more easier to share the data and interoperate directly among the different distributed domains than only single domain. However the interoperation risk is largely increased. So how to ensure interoperation risk in multi-domain effectively controlled, and establish secure access control method at the basis of risk, it is necessary to study and analysis in reality and academic theory.Under the circumstance of different secure policy adopted and a large number of information vulnerability in multi-domain environment, risk assessment may be in low effectively cycle state. The work mainly focuses on two things, interoperation risk correlation and risk assessment. The main works were listed as follows:(1) Introduce the things about the secure interoperation and traditional risk assessment theory. Give risk trait in secure interoperation and risk analysis modeling.(2) A risk correlation method has been given based on analyzing the risk correlation character, This method correlates with kinds of risk factors, By means of these skills list above, it can effectively detect and identify the same risk event, capture all kinds of risk events .The concept of risk exponent is also introduced during Interoperation in Multi Autonomous Domains takes into account the requirement of the generalization ability and the most excellent answer in limited conditions.(3) New multi-stage correlation risk events are calculated and assessed. Compared with other risk assessment methods, a new idea of vulnerability correlation and the theory of attack chains during multi-stages risk correlation in multi-domain's secure interoperation is introduced in the paper.(4) A risk arithmetic and dynamic authorization technology is introduced, which guarantee the security during multi-domains in good time.