基于输入点复杂度的交互固有安全性度量

Metrics of Interaction Inherent Security Based on Input Point Complexity

  • 摘要: 为了弥补交互安全性度量的传统方法不反映交互基本属性所固有的安全性等不足,提出了一种交互固有安全性度量方法。通过分析软件交互基本属性中存在的固有安全性问题,提出了输入点复杂度、输入点集中度等概念,给出了输入点复杂度分级的依据和方法,以及基于此的人机交互固有安全性度量模型和步骤,并结合实践对3个软件样本进行了人机交互固有安全性度量。结果表明,该方法降低了测试技术、人员、时间等外在因素变化对交互安全性度量结果的干扰,降低了度量的技术难度,提高了度量的完整性、通用性和可信性。

     

    Abstract: Traditional interaction security measurement method can not reflect the inherent security of software interaction basic attributes. In order to remedy this deficiency, this paper presents a method for the metrics of interaction inherent security. Through analyzing intrinsic security problems existed in the basic attributes of interaction, we puts forward the concepts of input-point complexity and input-point concentration ratio etc.,proposes a metric model of the inherent security of interaction of software based on input-point concentration ratio,and measures the inherent security of interaction of software through three examples. The measurement results show that it is effective by using input-point concentration ratio to measure inherent security of interaction. This method greatly reduces the disturbance of the changing of external factors on the metric results and, therefore,improves the credibility, integrity, and generality of the results.

     

/

返回文章
返回