Security analysis of access control model in hybrid cloud based on security entropy  被引量：2

作　　者：车天伟 Ma Jianfeng Li Na Wang Chao 

机构地区：[1]The School of Computer Science and Technology,Xidian University [2]The School of Computer Science and Technology,Northwestern Polytechnical University [3]The PLA information Engineering University

出　　处：《High Technology Letters》2015年第2期200-204,共5页高技术通讯（英文版）

基　　金：Supported by the National Natural Science Foundation of China(No.60872041,61072066);Fundamental Research Funds for the Central Universities(JYI0000903001,JYI0000901034)

摘　　要：To resolve the problem of quantitative analysis in hybrid cloud,a quantitative analysis method,which is based on the security entropy,is proposed.Firstly,according to the information theory,the security entropy is put forward to calculate the uncertainty of the system' s determinations on the irregular access behaviors.Secondly,based on the security entropy,security theorems of hybrid cloud are defined.Finally,typical access control models are analyzed by the method,the method's practicability is validated,and security and applicability of these models are compared.Simulation results prove that the proposed method is suitable for the security quantitative analysis of the access control model and evaluation to access control capability in hybrid cloud.To resolve the problem of quantitative analysis in hybrid cloud, a quantitative analysis method, which is based on the security entropy, is proposed. Firstly, according to the information theory, the security entropy is put forward to calculate the uncertainty of the system＇ s determinations on the ir regular access behaviors. Secondly, based on the security entropy, security theorems of hybrid cloud are defined. Finally, typical access control models are analyzed by the method, the method＇ s prac ticability is validated, and security and applicability of these models are compared. Simulation re sults prove that the proposed method is suitable for the security quantitative analysis of the access control model and evaluation to access control capability in hybrid cloud.

关 键 词：hybrid cloud security entropy classificatory access control model directly unauthorized access right about access indirectly unauthorized access 

分 类 号：TP393.08[自动化与计算机技术—计算机应用技术]