Abstract: Due to the resource distributing，user distributing，computing distributing and management distributing in Large-scale Distributed System（LDS），the frequent interaction between entities becomes the foundation for the implementation of its basic operation and security mechanism.An analysis model named as LDS-IVA on Interaction Vulnerability Analysis is presented，which is aimed at the analysis of entity interaction vulnerabilities resulting from the lack of security mechanism.LDS-IVA builds the entity interaction model，designs the general interaction security mechanism description language IS-LAN，takes the key resources in LDS as the objects for analyzing，and adopts the Finite State Machine（FSM） technique to analyze and validate the entity interaction vulnerabilities.In this way，LDS-IVA finds out the bad influence on the resource confidentiality，integrity and availability caused by the lack of security mechanism，and thus recognizes the vulnerabilities and attack patterns in LDS.

Key words: Large-scale Distributed System（LDS）, entity interaction model, vulnerability analysis, Finite State Machine（SFM）

摘要： 大规模分布式系统中资源、用户、计算和管理分布化的特点，决定了实体间的频繁交互成为大规模分布式系统完成基本业务和实现安全机制的基本手段。针对因安全机制缺失而引入的大规模分布式系统交互脆弱性问题，提出了一种大规模分布式系统实体交互脆弱性分析模型LDS-IVA;通过对大规模分布式系统实体交互过程进行建模，采用可通用的大规模分布式系统交互安全机制描述语言IS-LAN描述各实体的安全机制，以大规模分布式系统中的关键资源为分析对象，采用有限状态机的方法对大规模分布式系统实体交互进行分析和验证，发现安全机制缺失和不足对关键资源机密性、完整性和可用性的影响，以识别大规模分布式系统交互中存在的脆弱性及其可能引发的攻击模式。

关键词: 大规模分布式系统, 实体交互模型, 脆弱性分析, 有限状态机