| 云计算中基于信任的多域访问控制策略 |
| |
| 作者姓名: | 别玉玉 林果园 |
| |
| 作者单位: | 1. 中国矿业大学计算机科学与技术学院,江苏徐州,221116
2. 中国矿业大学计算机科学与技术学院,江苏徐州221116 南京大学软件新技术国家重点实验室,江苏南京210093 |
| |
| 基金项目: | 国家自然科学基金项目资助(51104157);中国博士后科学基金(20100481181);教育部博士学科点专项科研基金(20110095120008) |
| |
| 摘 要: | 在云计算环境中,访问控制策略是保障云用户与云资源/服务安全的有效手段。本文在分析云计算安全特点的基础上,将信任度的概念引入基于角色的访问控制策略,并结合云计算环境存在多个安全管理域的特点,给出了信任度在本地域以及跨域的计算方法,提出基于信任度的多域访问控制框架。本地域的访问控制策略在RBAC的基础上引入信任度进行实施,而跨域的访问控制会涉及到角色转换。文章在基于信任的RBAC模型中,提出一种灵活的通过角色关联和动态角色转换实现跨域访问控制的方法。
|
| 关 键 词: | 云计算 信任 多域 访问控制 角色转换 |
Trust_based Access Control Strategy in Multi-domain of Cloud Computing |
| |
| Authors: | Bie Yu-yu Lin Guo-yuan |
| |
| Affiliation: | 1,2 (1.School of Computer, China University of Mining and Technology JiangsuXuzhou 221116) (2.Department of Computer, Nanjing University JiangsuNanjing 210093) |
| |
| Abstract: | In cloud computing, access control is an effective measure in protecting the user and cloud computing services or resources. Based on the characteristics of cloud computing security, trust is introduced into role-based access control model. A new calculation method of trust in cloud computing is proposed and the difference between intro-domain trust and inter-domain trust is analyzed. In addition, a novel access control framework combined with trust degree in multi-domain is given from this proposal. Access control policy in local domain directly applies RBAC model combined with trust degree, whereas in multi-domain it contains the conception of role transition. A multi-domain access control method is developed in the trust based RBAC model through role association and dynamic role translation. |
| |
| Keywords: | cloud computing trust multi-domain access control role translation |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
