Research On Information Security Function Composition Based On Trust

With the rising services of big data,social networking,and e-commerce,the traditional network security function model achieves a huge impact.There are some problems as poor flexibility,network security functions dependence on physical hardware,and so on.To solve the problems above,software defined network technology and network function virtualization technology laid the foundation of the novel network security functions.The novel security function composition can not only realize the network security requirement,but also ensure the network management.Firstly,we propose a novel trust model considering attack spread ability according to the disadvantages of related trust model.Based on the features of attack spread abilities and the behavior characteristics of malicious nodes,the model presents the update formula of trust,and the overall trust combines direct trust and indirect trust.Then trust model's protocol is designed and its simulation is conducted.The result shows that the simulation of the proposed model approximates the actual network operation better.It can avoid attacks from malicious nodes and improve delivery success rate.Secondly,we put forward to a novel security functions composition model based on trust,which can balance network loads and schedule on demand.In the environment of software defined network,security functions are provided by security examples,which are belong to different security atomic capabilities.In other words,security functions composition is an effective composition of security instances.Then we analysis the relationship between security atomic capability,such as weakness relationship,implication relationship,independence relationship.Meanwhile,the security level adjustment formulas of security functions are provided.We construct security function composition model based on trust in software defined network environment.In this model,we consider interdependent relationship between security atomic capability,network nodes physical resources and resource node's trust degree,and aim to achieve security utility maximization.Finally,according to the security functions composition model based on trust,we design a new genetic algorithm to solve the problem,which is using block coding.In order to verify the model,two evaluation indexes are explicated,and analyze the model from these two indexes.The results show that the model can improve the success rate of service requests and the utility of network services,and the model gives a new way to manage network.This paper provides a solution for the composition of security functions in the software defined network environment,which enriches the security function composition model and provides theoretical support for the realization of network security functions.From the view of management,the model is useful to balance the network loading,and increases the flexibility of the network.What's more,it improves the overall network security performance.From the view of society,we consider the network actual operation.It is easily to ensure network security through security functions composition,and prevent occurrences of information security incidents.