[1]陈彦竹,郝天曙. 基于角色信任度动态监控的访问控制研究[J].计算机技术与发展,2017,27(10):106-110.
 CHEN Yan-zhu,HAO Tian-shu. Research on Access Control of Dynamic Monitoring with Role Trustrank[J].,2017,27(10):106-110.
点击复制

 基于角色信任度动态监控的访问控制研究()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
27
期数:
2017年10期
页码:
106-110
栏目:
安全与防范
出版日期:
2017-10-10

文章信息/Info

Title:
 Research on Access Control of Dynamic Monitoring with Role Trustrank
文章编号:
1673-629X(2017)10-0106-05
作者:
 陈彦竹郝天曙
 南京邮电大学 计算机学院
Author(s):
 CHEN Yan-zhuHAO Tian-shu
关键词:
 访问控制综合信用度行为级别跨域细粒度
Keywords:
 access controlcomprehensive trust degreebehavior levelcross-domainfine-grained
分类号:
TP31
文献标志码:
A
摘要:
 安全访问控制是云计算安全领域中一个迫切需要解决的问题,其中在用户登入系统后,实施合理的动态监控用户行为以确保资源安全是当前研究的热点.传统的访问控制策略已经不能满足现在的安全需求,单一地将用户和角色进行关联,并不能全面地反映用户的安全属性,也无法实时获取用户的行为.因此,提出了一种基于信任度评估和行为级别评估的访问控制模型.该模型的信任管理考虑了用户的跨域操作,结合用户的初始信用度、历史信用度和域间参考信用度进行综合评价,在信用度累积过程中,系统会根据用户的当前信用度,动态赋予用户不同的信用度加成,同时监控用户行为,根据用户行为级别,更改监控时间片.通过实验分析证明,该模型在安全访问控制上,更加细粒度,更加安全可靠,实时性更好.
Abstract:
 Security access control is an urgent issue to be solved in the field of cloud computing security,in which implementing reasona-ble dynamic monitoring users’ activity to ensure the security of resources after logging in the system is the hot issue of current investiga-tion. The traditional access control policy can’ t satisfy the current security requirements,just integrating roles with users can’ t fully re-flect the users’ security attributes,and can’ t obtain the users’ behavior in real time. Therefore,a kind of access control model based on the evaluation of trust rank and assessment of behavior rating is put forward. Its trust management takes the cross-domain operation of the users into account,and combines the users’ initial trust,historical trust and cross-domain reference trust for evaluation. During the process of accumulating trust,the system dynamically assigns different trust degrees to users according to their current trust. Meanwhile,the sys-tem monitors the users’ behavior,and the monitoring time slice changes with user behavior level. The experimental analysis proves that it is more fine-grained,more reliable,safer and better real-time in security access control.

相似文献/References:

[1]黄世权.网络存储安全分析[J].计算机技术与发展,2009,(05):170.
 HUANG Shi-quan.Analysis of Network Storage's Safety[J].,2009,(10):170.
[2]程春玲 张登银.实现DRM系统的一种新方案[J].计算机技术与发展,2009,(07):166.
 CHENG Chun-ling,ZHANG Deng-yin.A New Implementation Scheme for Secure DRM System[J].,2009,(10):166.
[3]李秋敬 刘广亮 谢圣献 张沙沙 段海霞 许宏伟.基于时间约束的角色访问控制模型研究[J].计算机技术与发展,2009,(08):162.
 LI Qiu-jing,LIU Gang-liang,XIE Sheng-xian,et al.Temporal Role- Based Access Control Model[J].,2009,(10):162.
[4]刘宏波 罗锐 王永斌.一种采用RBAC模型的权限体系设计[J].计算机技术与发展,2009,(09):154.
 LIU Hong-bo,LUO Rui,WANG Yong-bin.Competence System Based on RBAC Design and Implementation[J].,2009,(10):154.
[5]杨灿 汤圣博 黄辉泽.企业级P2P视频会议系统设计与实现[J].计算机技术与发展,2009,(09):186.
 YANG Can,TANG Sheng-bo,HUANG Hui-ze.Design and Implementaion of Enterprise Video Conference System Based on P2P[J].,2009,(10):186.
[6]王立 万世昌 张珍.基于互信属性调配机制的访问控制模型[J].计算机技术与发展,2009,(12):127.
 WANG Li,WAN Shi-chang,ZI-IANG Zhen.Model for Mutual Trust Attribute Deployment Mechanism Based Access Control[J].,2009,(10):127.
[7]周光明 赵莉莉 彭长根.基于SOA和PKI/PMI的访问控制方案[J].计算机技术与发展,2009,(04):170.
 ZHOU Guang-ming,ZHAO Li-li,PENG Chang-gen.Access Control Systems Based on SOA and PKI/PMI[J].,2009,(10):170.
[8]张翼飞 徐蕾.一种矩阵型组织模式下的访问控制模型[J].计算机技术与发展,2009,(04):180.
 ZHANG Yi-fei,XU Lei.An Access Control Model under Matrix Organization[J].,2009,(10):180.
[9]朱益霞 孙道清 沈展.一种普适计算下的访问控制策略[J].计算机技术与发展,2010,(08):91.
 ZHU Yi-xia,SUN Dao-qing,SHEN Zhan.An Access Control Scheme for Pervasive Computing[J].,2010,(10):91.
[10]夏启寿[] 殷晓玲[] 范训礼.基于时间角色访问控制授权模型的研究[J].计算机技术与发展,2008,(11):138.
 XIA Qi-shou,YIN Xiao-ling,FAN Xun-li.Research on Authorization Model Based on Time RBAC[J].,2008,(10):138.
[11]胡欣杰,路川. 基于访问控制的涉密信息管理安全解决方案[J].计算机技术与发展,2014,24(08):131.
 HU Xin-jie,LU Chuan. A Solution for Management Security of Secret Information Based on Access Controlling[J].,2014,24(10):131.
[12]郝小龙. 改进的RBAC模型在电网视频监控平台中的应用[J].计算机技术与发展,2014,24(12):212.
 HAO Xiao-long. Application of Improved RBAC Model in Grid Video Monitoring Platform[J].,2014,24(10):212.
[13]张玉静,刘军,李先珠. 带有时间约束支持冲突检测的访问控制模型[J].计算机技术与发展,2015,25(02):117.
 ZHANG Yu-jing,LIU Jun,LI Xian-zhu. An Access Control Model of Supporting Conflict Detection with Time Constrains[J].,2015,25(10):117.
[14]尹安. 舰船内部信息综合管理平台的设计研究与开发[J].计算机技术与发展,2015,25(05):152.
 YIN An. Design Research and Development of Ship inside Information Integrated Management Platform[J].,2015,25(10):152.
[15]付雄[],徐松[],周代明[]. 云计算环境下基于信任的访问控制模型研究[J].计算机技术与发展,2015,25(09):139.
 FU Xiong[],XU Song[],ZHOU Dai-ming[]. Research on Trust-based Access Control Model in Cloud Computing Environment[J].,2015,25(10):139.
[16]王剑[],吴定峰[],阚京[],等. 面向农业信息服务的单点登录技术研究与改进[J].计算机技术与发展,2016,26(05):191.
 WANG Jian[],WU Ding-feng[],KAN Jing[],et al. Design and Improvement of Single Sign-on Technology for Agriculture Information Services[J].,2016,26(10):191.
[17]尚福华,李盼. 面向射孔数据协作的文件授权访问控制模型[J].计算机技术与发展,2016,26(09):119.
 SHANG Fu-hua,LI Pan. File Authorization Access Control Model for Perforated Data Collaboration[J].,2016,26(10):119.
[18]范迪,朱志祥. 一种Dubbo框架的授权认证方案[J].计算机技术与发展,2017,27(11):115.
 FAN Di,ZHU Zhi-xiang. An Authorization Authentication Scheme for Dubbo Framework[J].,2017,27(10):115.

更新日期/Last Update: 2017-11-23