|Table of Contents|

Architecture and key technologies of cyberspace security(PDF)


Research Field:
Publishing date:


Architecture and key technologies of cyberspace security
Wang Qun1Li Fujuan1Zhou Qian2
1.Department of Computer Information and Cybersecurity,Jiangsu Police Institute,Nanjing 210031,China; 2.School of Modern Posts,Nanjing University of Posts and Telecommunications,Nanjing 210003,China
cyberspace security architecture information security network security privacy protection
Cyberspace is the basis of the information society,as well as the set of information itself,all of the information carrier,and all of the information environment. With the deepening interaction of human,machines and things after interconnection,Cyberspace Security is facing new security challenges as well as traditional threats. In this paper,some concepts of cyberspace security were analyzed,put forward the cyberspace security“3+2”research system structure. According to the different functional domains from bottom to up,Cyberspace Security is divided into three layers in this structure. They are physical layer,transport layer and application layer. At the same time,it also includes the security theory,method support,data and Information Security that run through each layer respectively. On this basis,the key technologies involved are emphasized.


[1] 刘刚,张宏,李千目. 基于博弈模型的网络安全最优攻防决策方法[J]. 南京理工大学学报,2014,38(1):12-21.
Liu Gang,Zhang Hong,Li Qianmu. Network security optimal attack and defense decision-making method based on game model[J]. Journal of Nanjing University of Science and Technology,2014,38(1):12-21.
[2]沈昌祥,张焕国,冯登国,等. 信息安全综述[J]. 中国科学E辑:信息科学,2007,37(2):129-150.
Shen Changxiang,Zhang Huangguo,Feng Dengguo,et al. Survey on information security[J]. Science in China Ser. E Information Sciences,2007,37(2):129-150.
[3]张焕国,韩文报,来学嘉,等. 网络空间安全综述[J]. 中国科学:信息科学,2016,46(2):125-164.Zhang Huanguo,Han Wenbao,Lai Xuejia,et al. Survey on cyberspace security[J]. Scientia Sinica Informationis,,2016,46(2):125-164.
[4]National Cyber Security Strategies:An Implementation Guide[EB/OL].(2012-12-19)[2017-01-16]. https://www. enisa. europa. eu/publications/national-cyber-security-strategies-an-implementation-guide.
[5]National Institute of Standards and Technology. Framework for Improving Critical Infrastructure Cybersecurity[EB/OL]. https://www. nist. gov/sites/default/files/documents/cyberframework/cybersecurity-framework-021214. pdf.
[6]方滨兴. 从层次角度看网络空间安全技术的覆盖领域[J]. 网络与信息安全学报,2015,1(1):2-7.
Fang Bingxing. A hierarchy model on the research fields of cyberspace security technology[J]. Chinese Journal of Network and Information Security,2015,1(1):2-7.
[7]罗军舟,杨明,凌振,等. 网络空间安全体系与关键技术[J]. 中国科学:信息科学,2016,46(8):939-968.
Luo Junzhou,Yang Ming,Ling Zhen,et al. Architecture and key technologies of cyberspace security[J]. Scientia Sinica Informationis,2016,46(8):939-968.
[8]张应辉,郑东,马春光. 网络空间安全体系及关键技术[J]. 中兴通讯技术,2016,22(1):10-13,18.
Zhang Yinghui,Zheng Dong,Ma Chunguang. Security architecture and Key techniques of cyberspace[J]. ZTE Technology Journal,2016,22(1):10-13,18.
[9]沈昌祥. 建好网络空间一级学科 加快安全可信体系建设[J]. 中国信息安全,2016,12:50-51.
Shen Changxinag. We will build a new level of cyberspace to accelerate the construction of a secure and trusted system[J]. China Information Security,2016,12:50-51.
[10]李晖,张宁. 网络空间安全学科人才培养之思考[J]. 网络与信息安全学报,2015,1(1):18-23.
Li Hui,Zhang Ning. Suggestions on cyber security talents cultivation[J]. Chinese Journal of Network and Information Security,2015,1(1):18-23.
[11]杨良斌,周新丽,刘思涵,等. 大数据背景下网络空间安全人才培养机制与模式研究[J]. 情报杂志,2016,35(12):81-89.
Yang Liangbin,Zhou Xinli,Liu Sihan. Cyber security talents cultivation mechanism and mode in the big data era[J]. Journal of Intelligence,2016,35(12):81-89.
[12]Alnifie G,Simon R. A multi-channel defense against jamming attacks in wireless sensor networks[C]//Proceedings of the 3rd ACM workshop on QoS and Security for Wireless and Mobile Networks. NY,USA:ACM Press,2007:95-104.
[13]Al-kahtani. Survey on security attacks in Vehicular Ad hoc Networks(VANETs)[C]//Proceeding of the 2012 6th International Conference on Signal Processing and Communication Systems(ICSPCS). QLD,Australia:IEEE Press,2012:1-9.
[14]沈昌样,张焕国,王怀民,等. 可信计算的研究与发展[J]. 中国科学:信息科学,2010,40(2):139-166.
Shen Changxiang,Zhang Huanguo,Wang Huiming,et al. Research and development of trusted computing[J]. Science in China Ser. E Information Sciences,2010,40(2):139-166.
[15]Xu W,Omar H A,Zhuang W,et al. Delay analysis of in-vehicle internet access via on-road WiFi access points[J]. IEEE Access,2017,5:2736-2746.
[16]Granlund D,AHlund C,Holmlund P. EAP-swift:an efficient authentication and key generation mechanism for resource constrained WSNs[J]. International Journal of Distributed Sensor Networks,2015:1-12.
[17]Perrig A,Szewczyk R,Tygar J D,et al. SPINS:security protocols for sensor networks[J]. Wireless Networks,2002,8(5):521-534.
[18]Zhang Y,Xie F,Dong Y W,et al. High fidelity virtualization of cyber-physical systems[J]. International Journal of Modeling,Simulation,and Scientific Computing,2013,4(2):1340005(26 pages).
[19]Janz C,Ong L,Selhuraman K,et al. Emerging transport SDN architecture and use cases[J]. IEEE Communications Magazine,2016,54(10):116-121.
[20]李凤华,史国振,马建峰,等. 访问控制模型研究进展及发展趋势[J]. 电子学报,2012,40(4):805-813
Li Fenghua,Su Mang,Shi Guozhen,et al. Research status and development trends of access control model[J]. Acta Electronica Sinica,2012,40(4):805-813.
[21]Sandhu R,Coyne E,Feinstein H,et al. Role-based access control models[J]. IEEE Computer,1996,29(2):38-47
[22]Thomas R,Sandhu R. Task-based authorization controls(TBAC):A Family of models for active and enterprise oriented authorization management[C]//Proceedings of the 11th IFIP WG11. 3 Conference on Database Security. Lake Tahoe:[s.n.],1997,8:166-181.
[23]Sejong O,Seog P. Task-role-based access control model[J]. Information System,2003(28):533-562.
[24]Zhang C N,Yang C G. An object-oriented RBAC model for distributed system[C]//Proceedings of the Working IEEE/IFIP Conference on Software Architecture(WICSA’01). Amsterdam,Netherlands:IEEE Press,2001,8:24-32.
[25]Freudenthal E,Pesin T,Port L,et al. dRBAC:Distributed role based access control for dynamic coalition environments[C]//Proceedings of the 22nd International Conference on Distributed Computing Systems(ICDCS’02). Vienna,Austria:IEEE Computer Society,2002,7:411-420.
[26]Bertino E,Bonatti P,Ferrari E. TRBAC:a temporal role-based access control model[J]. ACM Transactions on Information and System Security,2001,4(3):191-223.
[27]王小明,付红,张立臣. 基于属性的访问控制研究进展[J]. 电子学报,2010,38(7):1660-1667.
Wang Xiaoming,Fu Hong,Zhang Lichen. Research progress on attribute-based access control[J]. Acta Electronica Sinica,2010,38(7):1660-1667.
[28]李凤华,王巍,马建峰,等. 基于行为的访问控制模型及其行为管理[J]. 电子学报,2008,36(10):1881-1890.
Li Fenghua,Wang Wei,Ma Jiangfeng,et al. Action-based access control model and administration of actions[J]. Acta Electronica Sinica,2008,36(10):1881-1890.
[29]Almutairi A,Sarfraz M,Basalamah S,et al. A distributed access control architecture for cloud computing[J]. IEEE Software,2012,29(2):36-44.
[30]Bossert G,Hiet G. Towards automated protocol reverse engineering using semantic information[C]//ACM Symposium on Information,Computer and Communications Security. [S.l.]:ACM,2014:51-62.
[31]Narayan J,Shukla S K,Clancy T C. A survey of automatic protocol reverse engineering tools[J]. ACM Comput Surv,2015,48:1-26.
[32]罗军舟,吴文甲,杨明. 移动互联网:终端、网络与服务[J]. 计算机学报,2011,34(11):2029-2051.
Luo Junzhou,Wu Wenjia,Yang Ming. Mobile internet:terminal devices,networks and services[J]. Chinese Journal of Computers,2011,34(11):2029-2051.
[33]李益发,沈昌祥. 一种新的操作系统安全模型[J]. 中国科学E辑:信息科学,2006,36(4):347-356.
Li Yifa,Shen Changxiang. A new operating system security model[J]. Science in China Ser E Information Sciences,2006,36(4):347-356.
[34]訾小超,姚立红,曾庆凯,等. 操作系统安全增强技术研究进展[J]. 高技术通讯,2003(7):106-110
Zi Xiaochao,Yao Lihong,Zeng Qingkai,et al. A survey of security-enhanced techniques for operating systems[J]. Chinese High Technology Letters,2003(7):106-110.
[35]方滨兴,陆天波,李超. 软件确保研究进展[J]. 通信学报,2009,30(2):106-117.
Fang Binxing,Lu Tianbo,Li Chao. Survey of software assurance[J]. Journal on Communications,2009,30(2):106-117.
[36]Salaun M. Practical overview of a Xen covert channel[J]. Journal in Computer Virology,2010,6(4):317-328.
[37]Price M. The paradox of security in virtual environments[J]. Computer,2008,41(11):22-28.
[38]Hadziosmanovic D,Bolzoni D,Etalle S,et al. Challenges and opportunities in securing industrial control systems[C]//Proceedings of 2012 IEEE Workshop on Complexity in Engineering. [S.l.]:IEEE,2013:1-6.
[39]张焕国,王丽娜,杜瑞颖,等. 信息安全学科体系结构研究[J]. 武汉大学学报(理学版),2010,56(5):614-620.
Zhang Huanguo,Wang Lina,Du Ruiying,et al. Research on information security discipline[J]. Journal of Wuhan University(Natural Science Edition),2010,56(5):614-620.
[40]曹珍富. 密码学的新发展[J]. 四川大学学报(工程科学版),2015,47(1):1-12.
Cao Zhenfu. New development of cryptography[J]. Journal of Sichuan University(Engineering Science Edition),2015,47(1):1-12.
[41]教育部高等学校信息安全专业教学指导委员会. 高等学校信息安全专业指导性专业规范[M]. 北京:清华大学出版社,2014.
[42]张玉清,王晓菲,刘雪峰,等. 云计算环境安全综述[J]. 软件学报,2016,27(6):1328-1348.
Zhang Yuqing,Wang Xiaofei,Liu Xuefeng,et al. Survey on cloud computing security[J]. Journal of Software,2016,27(6):1328-1348.
[43]Lu T,Yao P,Zhao L,et al. An analysis of attacks against anonymous communication networks[C]//International Conference on Security Technology. [S.l.]:IEEE,2015:38-40.
[44]Kulik L. Privacy for real-time location-based services[J]. Sigspatial Special,2009,1(2):9-14.
[45]Molina-Gil J. Providing k-anonymity and revocation in ubiquitous VANETs[J]. Ad Hoc Networks,2016,36:482-494.
[46]Dwork C. Defferential privacy[C]//Proceedings of the 33rd International Colloquium on Automata,Languages and Programming. Venice,Italy:[s.n.],2006:1-12.
[47]Bethencourt J,Sahai A,Waters B. Ciphertext-policy attribute-based encryption[C]//Proceedings of the 28th International Symposium on Security and Privacy. Berkeley,CA,USA:[s.n.],2007:321-334.
[48]吕志泉,洪澄,张敏,等. 面向社交网络的隐私保护方案[J]. 通信学报,2014,35(8):23-32.
Lv Zhiquan,Hong Cheng,Zhang Min,et al. Privacy-perserving scheme for social networks[J]. Journal on Communications,2014,35(8):23-32.
[49]Zhang X. Reversible data hiding in encrypted image[J]. IEEE Signal Processing Letters,2011,18(4):255-258.
[50]Tripathy B K,Mitra A. An algorithm to achieve k-anonymity and l-diversity anonymization in social networks[C]//International Conference on Computational Aspects of Social Networks. [S.l.]:IEEE,2013:126-131.
[51]Dede E,Fadika Z,Hartog J,et al. MARISSA:MapReduce implementation for streaming science applications[C]//Proceedings of the IEEE 8th International Conference on E-Science. Chicago,USA:[s.n.],2012:1-8.


Last Update: 2019-09-30