Research on Security Evaluation of XML Communication Protocol

According to the problem in communication protocol security assessments, a new protocol security comprehensive evaluation method based on the three-dimensional sphere model is presented. In this method, a three-dimensional security evaluation index system was built through positions of index on the external of spherical shell. Evaluation index weights of the top two levels were obtained through the analytic hierarchy process (AHP), with sphere radius and the retractable angles. Then, security components’ values of communication content, communication load and security vulnerability of XML communication protocol were calculated. Finally, the security evaluation result of XML communication protocol was obtained through quantization calculation and comprehensive analysis method. The experimental results demonstrate that our method can meet the needs of communication protocol security evaluating effectively.

[1]  George Ghinea,et al.  A Performance Evaluation of Security Mechanisms for Web Services , 2009, 2009 Fifth International Conference on Information Assurance and Security.

[2]  Peng Xinguang,et al.  Trustworthy Web Service Security Risk Assessment Research , 2009, 2009 International Forum on Information Technology and Applications.

[3]  Bo Yan,et al.  A Performance Evaluation of Web Services Security , 2006, 2006 10th IEEE International Enterprise Distributed Object Computing Conference (EDOC'06).

[4]  David Whitney,et al.  Professional Web Services Security , 2002 .

[5]  Mark O'Neill,et al.  Web Services Security , 2003 .

[6]  Hao Chen,et al.  A Security Evaluation Method Based on Threat Classification for Web Service , 2011, J. Softw..

[7]  Xie Li-xia A Vulnerability Severity Grey Hierarchy Analytic Evaluation Model , 2010 .

[8]  Yang Xu,et al.  Modeling and Analysis of Security Protocols Using Colored Petri Nets , 2011, J. Comput..