| 基于多维度量和上下文的访问控制模型 |
| |
| 引用本文: | 刘飞,常朝稳.基于多维度量和上下文的访问控制模型[J].计算机工程,2011,37(24):129-131. |
| |
| 作者姓名: | 刘飞 常朝稳 |
| |
| 作者单位: | 信息工程大学电子技术学院,郑州,450004 |
| |
| 基金项目: | 国家"863"计划基金资助项目 |
| |
| 摘 要: | 在分布式系统中,用户身份难以确定、接入平台复杂,且网络环境动态多变,传统的基于角色或身份的访问控制模型已无法满足用户需求。为此,结合基于角色访问控制(RBAC)和信任管理(TM)的特点,在RBAC的基础上,引入信任与上下文的概念,对用户身份、接入平台及用户行为进行多维度量,根据网络环境和用户状态的动态多变性,提出一种基于多维度量和上下文的访问控制模型(MCBAC),该模型主要依据用户的身份信息和可信度分配角色,通过上下文约束,实现动态角色授权控制,具有较高的安全性及较好的灵活性。
|
| 关 键 词: | 多维度量 信任度 上下文 平台安全 访问控制 |
| 收稿时间: | 2011-06-28 |
Access Control Model Based on Multidimensional Measurement and Context |
| |
| LIU Fei,CHANG Chao-wen.Access Control Model Based on Multidimensional Measurement and Context[J].Computer Engineering,2011,37(24):129-131. |
| |
| Authors: | LIU Fei CHANG Chao-wen |
| |
| Affiliation: | (Institute of Electronic Technology,Information Engineering University,Zhengzhou 450004,China) |
| |
| Abstract: | In distributed systems, the user's identity is uncertain, the access platform is complex, and the network environment is changeable. The traditional simplex access control model such as role-based or'identity-based access control model can not well meet the requirements. It combines the advantage of Role-based Access Control(RBAC) and Trust Management(TM), extends the traditional RBAC model with the notion of trust and context, performs a multidimensional measurement on user's identity, access platform and user's behavior, considering the security of user's platform and the dynamic uncertainty of the network environment, promotes a new access control model called MCBAC. It is accordiug to user's identity information and trust degree assign roles. It realizes dynamic role authorization control. It has good security and flexibility. |
| |
| Keywords: | multidimensional measurement trust degree context platform security access control |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
|
