Automated and Intelligent Information Security Engineering
阅读量:次
Jingde Cheng (程京德)
Abstract I will talk about an R&D direction I proposed: Automated and Intelligent Information Security Engineering. The most intrinsic difficulty in ensuring security of information/software systems is that assailants (crackers) are active persons who can get knowledge and skills day after day and then continuously attack, always by using the latest technology, the weakest parts and/or links in target information/software systems. Therefore, in order to ensure the whole security of information/software systems, designers, developers, operators, and maintainers of information/software systems with high security requirements need continuous and consistent supports for their tasks to protect the systems from assailants. However, traditional software engineering environments are not adequate and not effective for designing, developing, operating, and maintaining information/software systems with high security requirements. This talk presents the notion of information security engineering environment our proposed, shows our basic considerations on construction and use of an information security engineering environment, and enumerates various facilities and services should be provided by an information security engineering environment. As a real case study, I will talk about ISEE, an information security engineering environment we are developing, that is based on ISO/IEC security standards, integrates various tools and provides comprehensive facilities to support design, development, operation, and maintenance of security facilities of information/software systems continuously and consistently, and guides and helps all users to perform their tasks regularly according to ISO/IEC security standards. ISEE is the first information security engineering environment in the world. The talk also shows some research problems and development issues on Automated and Intelligent Information Security Engineering.
Jingde Cheng is a professor of computer science at Graduate School of Science and Engineering, Saitama University, Japan. Before he joined Saitama University in 1999, he was a research associate (1982-1989) at Tsinghua University, China, a research associate (1989-1991), an associate professor (1991-1996), and a professor (1996-1999) at Kyushu University, Japan. He received the Bachelor of Engineering degree in computer science from Tsinghua University in China in 1982, and the Master of Engineering degree and the Doctor of Engineering degree, both in computer science from Kyushu University in Japan, in 1986 and 1989 respectively. His current research interests include relevant and ampliative reasoning, relevant logic and its applications, automated theorem finding, epistemic programming paradigm for scientific discovery, autonomous evolution of knowledge-based systems, anticipatory reasoning-reacting systems, persistent computing, and information security engineering environment. He is a senior member of ACM, and a member of IEEE-CS, IEEE-SMC, IEEE, and IPSJ.