«上一篇/Previous Article|本期目录/Table of Contents|下一篇/Next Article»

j. issn. 1673-629X. 2019. 10. 027]
点击复制

基于细粒度访问控制的大数据安全防护方法()

分享到：

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:: 29
期数:: 2019年10期

页码:: 134-140

栏目:: 安全与防范

出版日期:: 2019-10-10

文章信息/Info

Title:: Big Data Security Protection Based on Fine-grained Access Control

文章编号:: 1673-629X(2019)10-0134-07

作者:: 王继业; 范永; 余文豪; 韩丽芳; 中国电力科学研究院有限公司,北京 100192

Author(s):: WANG Ji-ye; FAN Yong; YU Wen-hao; HAN Li-fang; China Electric Power Research Institute,Beijing 100192,China

关键词:: 大数据; 信息安全; 访问控制; 属性; 细粒度

Keywords:: big data; information security; access control; attribute; fine-grained

分类号:: TP309

DOI:: 10. 3969 / j. issn. 1673-629X. 2019. 10. 027

摘要:: 访问控制是保护信息系统数据安全的重要手段。但是大数据服务环境下,数据呈现分布式的特点。如何有效解决复杂用户多数据资源域的访问,是大数据安全的重要研究方向。针对这一问题,在深入分析大数据环境下访问控制技术的基础上,提出了一种基于细粒度访问控制的大数据安全防护方法。该方法采用基于属性的访问控制模型,解决了用户认证、域定位、访问决策以及模块关联的问题,实现了细粒度数据及服务的访问。在提出基本模型之上,结合实际的应用场景需求,给出了单域和跨域两个场景中的访问决策模型。详细描述了模型及决策算法,并给出了多域属性表同步方法。实验结果表明,该模型实现了细粒度访问,能够有效保护大数据环境下的数据安全,并且能够实现快速决策,高效访问。

Abstract:: Access control is an important way to protect data security of information system. However,in the context of big data services,data is distributed. How to effectively solve the access of multiple data resource domains of complex users is an important research direction of big data security. Aiming at this problem,we put forward a big data security protection based on fine-grained access control by the in-depth analysis of access control technology in big data environment. The method adopts an attribute-based access control model to solve the problems of user authentication,domain location,access decision and module association,and achieves fine-grained data and service access. On the basis of the proposed basic model,combined with the actual application scenario requirements,the access decision model in the single domain and cross-domain scenarios is given. We describe the model and decision algorithm in detail,and give a multi-domain attribute table synchronization method. The experiment shows that the model can achieve fine-grained access, effectively protect data security in big data environment,and can achieve fast decision making and efficient access.

相似文献/References:

[1]黄松夏洪亚谈利群.基于模糊综合的信息安全风险评估[J].计算机技术与发展,2010,(01):185.
　HUANG Song,XIA Hong-ya,TAN Li-qun.Fuzzy Comprehensive Evaluation for Information Security[J].,2010,(10):185.
[2]郑江云江巨浪.基于信噪比的自适应双彩色图像水印算法[J].计算机技术与发展,2010,(02):160.
　ZHENG Jiang-yun,JIANG Ju-lang.An Algorithm of Adaptive Double Color Digital Image Watermarking Based on SNR[J].,2010,(10):160.
[3]任参刘少君黄道平.一种改进的并行签密方案[J].计算机技术与发展,2010,(04):151.
　REN Shen,LIU Shao-jun,HUANG Dao-ping.An Improved Parallel Signcryption Scheme[J].,2010,(10):151.
[4]孟祥宏.信息安全攻防博弈研究[J].计算机技术与发展,2010,(04):159.
　MENG Xiang-hong.Study on Offence and Defense of Information Security Based on Game Theory[J].,2010,(10):159.
[5]赵锋曹文杰.医院信息系统访问控制策略设计分析[J].计算机技术与发展,2010,(06):144.
　ZHAO Feng,CAO Wen-jie.Design and Analysis of Access Control Strategy for Hospital Information System[J].,2010,(10):144.
[6]杨蕴石王颖孙福玉吕科赵亚伟.商业银行安全保障体系设计[J].计算机技术与发展,2008,(03):177.
　YANG Yun-shi,WANG Ying,SUN Fu-yu,et al.Design on Information Security System for Commercial Bank[J].,2008,(10):177.
[7]刘华春.基于PKI的网上证券交易系统的构建[J].计算机技术与发展,2009,(07):173.
　LIU Hua-chun.Implementing a System of On - line Securities Trading Based on PKI Technology[J].,2009,(10):173.
[8]罗佳杨世平.基于熵权系数法的信息安全模糊风险评估[J].计算机技术与发展,2009,(10):177.
　LUO Jia,YANG Shi-ping.Fuzzy Risk Assessment for Information Security Based on Method of Entropy - Weight Coefficient[J].,2009,(10):177.
[9]李超王红胜陈军广孙蕊.加强计算机终端信息安全的两种解决方案[J].计算机技术与发展,2009,(01):165.
　LI Chao,WANG Hong-sheng,CHEN Jun-guang,et al.Two Solutions to Strengthen Computer＇s Terminal Information Security[J].,2009,(10):165.
[10]邓晓军.PKI技术及其应用的分析[J].计算机技术与发展,2008,(06):144.
　DENG Xiao-jun.Analysis of PKI Technology and Its Application[J].,2008,(10):144.
[11]严霄凤,张德馨.大数据研究[J].计算机技术与发展,2013,(04):168.
　YAN Xiao-feng,ZHANG De-xin.Big Data Research[J].,2013,(10):168.

常用功能

工具/Tools

统计/Statistics

摘要浏览/Viewed1088
全文下载/Downloads621
评论/Comments