云计算下可信虚拟群体内访问控制研究  

On access to trusted virtual group under cloud computing

在线阅读下载全文

作  者:梁鹏[1] 沈昌祥[1] 宁振虎[1] 

机构地区:[1]北京工业大学计算机学院北京市可信计算北京市重点实验室,北京100124

出  处:《通信学报》2013年第S1期207-215,共9页Journal on Communications

基  金:国家科技重大专项"新一代宽带无线移动通信网"基金资助项目(2012ZX03002003);国家高技术研究发展计划("863"计划)基金资助项目(2009AA01Z437);国家核高基金资助项目(2010ZX01037-001-001)~~

摘  要:针对缺乏适合基于云计算的生产型重要信息系统内部隔离机制的问题,对云计算模式下现有的访问控制技术进行了比较,提出了基于两级密钥管理的访问控制方案。第一级构造了一个基于单项散列函数的访问控制多项式实现了子群体间信息流的隔离,即实现了生产型重要信息系统内部门间的信息隔离;在第一级密钥管理的基础上,提出了子群体间层次密钥管理,实现不同部门间信息流的访问控制。然后对该方案的安全性和复杂度进行了分析。最后,通过实例和仿真实验对基于两级密钥管理的访问控制方案进行了验证。There is no appropriate internal isolation mechanism for important production information system based on cloud computing. Here the main access control technologies were compared thoroughly and then two-layer key management scheme was put forward. In terms of the first layer, access control polynomial based on one-way hash function was constructed to achieve the separation of information flow between subgroups, that is, the information isolation within any department of a company was accomplished. Based on the first layer, a hierarchical key management was presented for different subgroups so as to realize the access control between different departments of a company. Then the security and complexity were analyzed. Finally, through the example and simulation experiment, the access control model based on two-layer key management scheme was verified.

关 键 词:云计算 密码学访问控制 密钥管理 生产型信息系统 

分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象