Formalization and Quantitative Analysis of Controllability on Internet Information Security

Traditional information security models focus on protecting information or information systems. There is little research on controllability of Internet information security. We present network reference monitor (NRM) for access control in Internet environment. Then we propose the defi nition of network reference monitor and Internet information access control. Abstract operation model is put forward for controllability of Internet access control. The model consists of three parts: information discovery model, information analysis model and information control model. Next, we express the intuitive formal specifi cation of controllability by PCTL logic. Then we characterize the process of Internet access control by fi nite state automata and present an evaluation model of controllability. Control Rate and Control Leak Rate are given to analyze access control of Internet information security quantitatively.