[1]马星晨,朱建涛,邵婧,等.一种基于属性的去中心化访问控制模型[J].计算机技术与发展,2018,28(09):118-122.[doi:10.3969/ j. issn.1673-629X.2018.09.024]
 MA Xing-chen,ZHU Jian-tao,SHAO Jing,et al.A Decentralized Access Control Model Based on Attribute[J].,2018,28(09):118-122.[doi:10.3969/ j. issn.1673-629X.2018.09.024]
点击复制

一种基于属性的去中心化访问控制模型()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
28
期数:
2018年09期
页码:
118-122
栏目:
安全与防范
出版日期:
2018-09-10

文章信息/Info

Title:
A Decentralized Access Control Model Based on Attribute
文章编号:
1673-629X(2018)09-0118-05
作者:
马星晨朱建涛邵婧刘明达
江南计算技术研究所,江苏 无锡 214083
Author(s):
MA Xing-chenZHU Jian-taoSHAO JingLIU Ming-da
Jiangnan Institute of Computing Technology,Wuxi 214083,China
关键词:
访问控制去中心化安全决策权益证明证据链条
Keywords:
access controldecentralizationsecure decisionproof of stakechain of evidence
分类号:
TP309
DOI:
10.3969/ j. issn.1673-629X.2018.09.024
文献标志码:
A
摘要:
随着网络规模与开放程度的不断加大,传统的基于属性的访问控制模型(attribute-based access control,ABAC)在实际应用中存在着中心节点负担过大,决策过程安全风险较高等问题。 为了更好地提升基于属性的访问控制模型的安全性,且满足大规模分布式网络环境下的应用条件,提出了一种基于属性的去中心化访问控制模型(decentralized attribute-based access control,DABAC)。 在基于属性的访问控制模型的基础上对访问控制模型进行扩展,通过权益证明和证据链条的方式,实现了去中心化的决策方式,进一步提升了决策支持库和访问记录的安全性,增加了访问决策的可信性。 相比于传统的访问控制模型,DABAC 模型具有更高的安全性、灵活性和容错性,通过更加安全的访问请求决策和更加详细的访问过程记录,更好地保护了客体资源。
Abstract:
With increasing of Internet scale and openness significantly,the traditional attribute-based access control model (ABAC) has many problems in practical application,such as excessive burden of central nodes and high security risk in decision-making process. In order to enhance the security of ABAC model and satisfy the conditions of applications in the large scale distributed network environment,we propose a decentralized attribute-based access control model (DABAC). The access control model is extended according to that based on attribute,through proof of stake and evidence chain to achieve decentralized decision,further improving the security of decision support libraries and access records,increasing the credibility of access decision. Compared with the traditional access control model,DABAC has better security,flexibility and fault tolerance. By providing more secure access decisions and more accurate access records,the object is protected better.

相似文献/References:

[1]黄世权.网络存储安全分析[J].计算机技术与发展,2009,(05):170.
 HUANG Shi-quan.Analysis of Network Storage's Safety[J].,2009,(09):170.
[2]程春玲 张登银.实现DRM系统的一种新方案[J].计算机技术与发展,2009,(07):166.
 CHENG Chun-ling,ZHANG Deng-yin.A New Implementation Scheme for Secure DRM System[J].,2009,(09):166.
[3]李秋敬 刘广亮 谢圣献 张沙沙 段海霞 许宏伟.基于时间约束的角色访问控制模型研究[J].计算机技术与发展,2009,(08):162.
 LI Qiu-jing,LIU Gang-liang,XIE Sheng-xian,et al.Temporal Role- Based Access Control Model[J].,2009,(09):162.
[4]刘宏波 罗锐 王永斌.一种采用RBAC模型的权限体系设计[J].计算机技术与发展,2009,(09):154.
 LIU Hong-bo,LUO Rui,WANG Yong-bin.Competence System Based on RBAC Design and Implementation[J].,2009,(09):154.
[5]杨灿 汤圣博 黄辉泽.企业级P2P视频会议系统设计与实现[J].计算机技术与发展,2009,(09):186.
 YANG Can,TANG Sheng-bo,HUANG Hui-ze.Design and Implementaion of Enterprise Video Conference System Based on P2P[J].,2009,(09):186.
[6]王立 万世昌 张珍.基于互信属性调配机制的访问控制模型[J].计算机技术与发展,2009,(12):127.
 WANG Li,WAN Shi-chang,ZI-IANG Zhen.Model for Mutual Trust Attribute Deployment Mechanism Based Access Control[J].,2009,(09):127.
[7]周光明 赵莉莉 彭长根.基于SOA和PKI/PMI的访问控制方案[J].计算机技术与发展,2009,(04):170.
 ZHOU Guang-ming,ZHAO Li-li,PENG Chang-gen.Access Control Systems Based on SOA and PKI/PMI[J].,2009,(09):170.
[8]张翼飞 徐蕾.一种矩阵型组织模式下的访问控制模型[J].计算机技术与发展,2009,(04):180.
 ZHANG Yi-fei,XU Lei.An Access Control Model under Matrix Organization[J].,2009,(09):180.
[9]朱益霞 孙道清 沈展.一种普适计算下的访问控制策略[J].计算机技术与发展,2010,(08):91.
 ZHU Yi-xia,SUN Dao-qing,SHEN Zhan.An Access Control Scheme for Pervasive Computing[J].,2010,(09):91.
[10]夏启寿[] 殷晓玲[] 范训礼.基于时间角色访问控制授权模型的研究[J].计算机技术与发展,2008,(11):138.
 XIA Qi-shou,YIN Xiao-ling,FAN Xun-li.Research on Authorization Model Based on Time RBAC[J].,2008,(09):138.

更新日期/Last Update: 2018-09-10