动态自适应访问控制模型  被引量：7

作　　者：史国振[1,2] 王豪杰[3] 慈云飞 叶思水 郭云川[5] SHI Guo-zhen WANG Hao-jie CI Yun-fei YE Si-shui GUO Yun-chuan(School of Information Security, Beijing Electronic Science and Technology Institute, Beijing 100070, China School of Computer Science and Technology, Xidian University, Xi＇an 710071, China School of Telecommunications Engineering, Xidian University, Xi＇an 710071, China Dept. of Honse Technology, Ruiting Networking Technology （Shanghai） Co, Ltd., Shanghai 200127, China State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China)

机构地区：[1]北京电子科技学院信息安全系,北京100070 [2]西安电子科技大学计算机学院,陕西西安710071 [3]西安电子科技大学通信工程学院,陕西西安710071 [4]瑞庭网络技术(上海)有限公司房产技术部,上海200127 [5]中国科学院信息工程研究所信息安全国家重点实验室,北京100093

出　　处：《通信学报》2016年第11期49-56,共8页Journal on Communications

基　　金：国家重点研发计划基金资助项目(No.2016YFB0800304);北京市自然科学基金资助项目(No.4152048);江苏省自然科学基金资助项目(No.BK20150787)~~

摘　　要：随着云计算技术、智慧城市及移动办公的发展和移动智能设备的出现,资源所处的网络环境越来越复杂,传统的访问控制模型已很难满足多样化的访问控制条件以及访问控制策略动态自适应调整的需求。以基于行为的访问控制模型为基础,结合资源生命周期管理,提出了一种动态自适应访问控制模型。该模型以资源生命周期为中心,充分考虑资源的生命周期阶段及其访问控制策略的关联性和动态性,使资源访问控制策略能够随着资源生命周期所处阶段的变化而自动变化,提高了访问控制的灵活性和复杂网络环境下的适用性;模型加入用户访问行为历史管理功能,考虑用户的历史访问行为,进一步约束主体的访问能力,提高模型适应开放的网络环境的能力。最后,在通用访问控制系统和云访问控制系统中对该模型进行了实现和验证。With the development of cloud computing technology, smart city and mobile office and emergence of mobile smart devices, the resources＇ environment is increasing complex. The traditional access control model has been difficult to meet the diverse access control requirements and the dynamic and adaptive access control policy. A dynamic and adaptive access control model combining the resource life cycle management based on ABAC was proposed. The model focused on resource life cycle management considering the relevance of the resource life cycle management and access control policy. In this model, the policy can be changed as the resource life cycle states＇ change, so the applicability has been improved. In addition, the user access behavior history management function was added in this model, which can adapt the environment better by considering history of user access behavior. At last, the model in general and cloud computing access control system was implemented and verified.

关 键 词：访问控制 基于行为的访问控制模型 资源生命周期管理 动态自适应 用户历史访问行为 

分 类 号：TP302[自动化与计算机技术—计算机系统结构]