基于隱蔽通信的訪問控制增強(qiáng)技術(shù)綜述
網(wǎng)絡(luò)安全與數(shù)據(jù)治理 2023年第5期
張宏,,郭云偉
(北京理工大學(xué)計(jì)算機(jī)學(xué)院,北京100081)
摘要: 網(wǎng)絡(luò)訪問控制模型對(duì)于安全防范和保護(hù)具有重要意義?,F(xiàn)有的網(wǎng)絡(luò)訪問控制模型大多是通過加密實(shí)現(xiàn)的,,具有隱蔽性和可控性,容易被發(fā)現(xiàn)和攻擊,?;陔[寫標(biāo)簽的隱蔽通信技術(shù)主要檢測網(wǎng)絡(luò)數(shù)據(jù)包是否包含隱寫頭部標(biāo)簽,并根據(jù)訪問控制規(guī)則確定數(shù)據(jù)包的流向,,有效控制主體對(duì)客體的訪問,。此外,詳細(xì)介紹了幾種方法下的訪問控制規(guī)則,,并描述了針對(duì)各種類型的隱蔽通道的相應(yīng)檢測方法,。最后分析了區(qū)塊鏈隱蔽通信構(gòu)建技術(shù)及其發(fā)展趨勢,,旨在為相關(guān)研究提供一定參考價(jià)值,。
中圖分類號(hào):TN925;TP18
文獻(xiàn)標(biāo)識(shí)碼:A
DOI:10.19358/j.issn.2097-1788.2023.05.001
引用格式:張宏,,郭云偉.基于隱蔽通信的訪問控制增強(qiáng)技術(shù)綜述[J].網(wǎng)絡(luò)安全與數(shù)據(jù)治理,,2023,42(5):1-9.
文獻(xiàn)標(biāo)識(shí)碼:A
DOI:10.19358/j.issn.2097-1788.2023.05.001
引用格式:張宏,,郭云偉.基于隱蔽通信的訪問控制增強(qiáng)技術(shù)綜述[J].網(wǎng)絡(luò)安全與數(shù)據(jù)治理,,2023,42(5):1-9.
A survey on covert communicationbased access control enhancement technology
Zhang Hong,,Guo Yunwei
(School of Computing Science,Beijing Institute of Technology, Beijing 100081, China)
Abstract: The network access control model is important for security prevention and protection. Most of the existing network access control models are implemented through encryption, which has defects in concealment and controllability, and is easy to detect and attack. The covert communication technology based on steganographic labels mainly detects whether network packets contain stegantic headers, and determines the flow direction of packets according to access control rules, to effectively control the subject’s access to objects. In addition, this paper introduces the access control rules under several access control methods in detail, and describes the corresponding detection methods for various types of covert channels. Finally, this paper analyzes the development trend of blockchain covert communication construction technology and its detection methods, aiming to provide some significant value for related research.
Key words : access control; covert communication; blockchain; information hiding
0 引言
近年來,,隨著計(jì)算機(jī)計(jì)算能力的大幅提升和技術(shù)架構(gòu)的進(jìn)步,針對(duì)傳統(tǒng)安全協(xié)議和密碼算法的攻擊能力越來越強(qiáng),,數(shù)據(jù)傳輸?shù)陌踩院途W(wǎng)絡(luò)通信的隱私性面臨著重大挑戰(zhàn)?,F(xiàn)有主要的安全手段是通過密碼學(xué)方法對(duì)秘密信息進(jìn)行加密,使非授權(quán)用戶在限定時(shí)間內(nèi)無法破譯,,借以保護(hù)隱私信息,,其安全性通常取決于算法的復(fù)雜度和密鑰的長度。 但是,,隨著現(xiàn)代計(jì)算機(jī)計(jì)算能力的快速提升,,為保持所需的安全強(qiáng)度,單純?cè)黾用荑€長度等普通加密算法會(huì)嚴(yán)重影響使用效率,,顯得過于被動(dòng),。 因此,網(wǎng)絡(luò)隱蔽通信技術(shù)成為傳統(tǒng)加密通信的有力補(bǔ)充手段,。 隱蔽通信技術(shù)是一種信息隱藏技術(shù),。根據(jù)信息隱藏技術(shù)的不同應(yīng)用目的,可分為四類:隱寫術(shù),、匿名通信,、數(shù)字水印,、隱蔽通道。 近年來,,構(gòu)建隱蔽通信通道及相應(yīng)的分析檢測技術(shù)發(fā)展尤為迅速,。
本文詳細(xì)內(nèi)容請(qǐng)下載:http://forexkbc.com/resource/share/2000005326
作者信息:
張宏,郭云偉
(北京理工大學(xué)計(jì)算機(jī)學(xué)院,,北京100081)
此內(nèi)容為AET網(wǎng)站原創(chuàng),,未經(jīng)授權(quán)禁止轉(zhuǎn)載。