%0 Journal Article %T 安全协议实施安全性分析综述<br>Survey of security analysis of security protocol implementations %A 孟博 %A 鲁金钿 %A 王德军 %A 何旭东< %A br> %A MENG Bo %A LU Jin-tian %A WANG De-jun %A HE Xu-dong %J 山东大学学报(理学版) %D 2018 %R 10.6040/j.issn.1671-9352.2.2017.067 %X 摘要: 安全协议是网络空间安全的重要组成部分,安全协议实施是安全协议的最终表现形式。介绍了安全协议实施安全性分析的意义,分别按照三个前提条件:能够获取安全协议客户端实施和安全协议服务器端实施、仅能够获取安全协议客户端实施、不能获取安全协议客户端与安全协议服务器端实施,并依据安全协议实施安全性分析采用的主要分析方法——程序验证、模型抽取、网络轨迹、指令分析等,对相关研究成果进行归类、分析、比较、总结和讨论。对未来安全协议实施安全性分析的研究方向进行了展望。<br>Abstract: Security protocols are not only the important part of cyberspace security, but also are the key technology of providing cyberspace security. Security protocol implementations are the final objective of developing security protocols and people have paid a special attention to its security analysis. Around the hot issue, first, it briefly introduced the significance of security protocol implementations. Then, based on three assumptions respectively, 1)with security protocol client implementations and server implementations, 2)with security protocol client implementations, 3)without security protocol client implementations and server implementations, and the approaches used, for examples, program verification, model extraction, net-trace and dynamic taint analysis, the related research results are categorized, compared, analyzed and discussed. Finally, the conclusions are presented and the several future works of security analysis of security protocol implementations are introduced %K 网络空间安全 %K 模型抽取 %K 指令分析 %K 安全协议实施 %K 程序验证 %K 网络轨迹 %K < %K br> %K model extraction %K security protocol implementations %K cyberspace security %K program verification %K net-trace %K execution analysis %U http://lxbwk.njournal.sdu.edu.cn/CN/10.6040/j.issn.1671-9352.2.2017.067