期刊
COMPUTERS & SECURITY
卷 114, 期 -, 页码 -出版社
ELSEVIER ADVANCED TECHNOLOGY
DOI: 10.1016/j.cose.2021.102579
关键词
Cyber-physical-social space; Access control; Security analysis; Modeling checking; Adjustment strategy
资金
- Key Research and Development in Henan Province [22A520040, 20B520033]
- Key Technologies R&D Program of Henan province [212102210084]
- Scientific Research Innovation Team of Xuchang University [2022CXTD003]
- Science and Technology Key Project in Henan Province [212102311002, 2121023110 00]
Cyber-Physical-Social Space (CPSS) is a promising paradigm that combines cyberspace, physical space, and social space to create an intelligent environment. However, existing security analysis methods for CPSS do not take into account its open and dynamic characteristics. This paper proposes an adaptive security analysis framework for CPSS that includes an access control model, a Labelled Transition System (LTS), and a policy adjustment method to prevent unauthorized information flow and ensure space security.
Cyber-Physical-Social Space (CPSS) is a promising paradigm to provide people with an intelligent environment by emphasizing the deep fusion of cyberspace, physical space, and social space. The interdependence of these spaces makes that CPSS is more likely to be attacked. The attack consequences may directly affect the state of the physical world and even endanger the people's life. Thus, the most challenging issue for CPSS is to ensure the space security. However, existing security analysis methods focus on the static analysis at the design phase. They do not consider the open and dynamic characteristics which are the core features of CPSS. In this paper, we propose an adaptive security analysis framework for CPSS to prevent the unauthorized flow of information. Firstly, the access control model of CPSS is proposed. It controls the access behaviors by considering the space information covering the social, cyber, and physical spaces. Secondly, Labelled Transition System (LTS) is established to describe the future evolutions of CPSS. The space states in the LTS which violate the security requirements are reasoned by the model checking technology. Thirdly, a policy adjustment method is proposed to prevent the system from entering the violated states or mitigate the bad results caused by the violations. In the end, the effectiveness of our approach is evaluated by a smart building case, and the necessity of our approach is analyzed by the performance evaluation. (C) 2021 Elsevier Ltd. All rights reserved.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据