P2P网络中基于准入度的任务访问控制模型  被引量：1

作　　者：刘浩[1,2] 陈志刚[1] 张连明[3] LIU Hao;CHEN Zhigang;ZHANG Lianming(School of Information Science and Engineering, Central South University, Changsha Hunan 410083, China;Institute of Information, Hunan University of Humanities, Science and Technology, Loudi Hunan 417000, China;College of Physics and Information Science, Hunan Normal University, Changsha Hunan 410081, China)

机构地区：[1]中南大学信息科学与工程学院,湖南长沙410083 [2]湖南人文科技学院信息学院,湖南娄底417000 [3]湖南师范大学物理与信息科学学院,湖南长沙410081

出　　处：《信息网络安全》2017年第6期22-29,共8页Netinfo Security

基　　金：国家自然科学基金[61572191;61571188];湖南省自然科学基金[2017JJ2124];湖南省教育厅优秀青年科研项目[15B125];湖南省计算机应用技术重点建设学科资助项目

摘　　要：P2P网络的自组织开放性等特点给系统带来一系列的安全隐患,然而传统的访问控制模型并不能适用于分布式管理的P2P网络。针对该问题,文章给出了一种新颖的任务访问控制模型。首先,基于多维信任云模型得出主体节点对目标节点的信任度。然后,采用风险评估理论对本次共享交互进行风险评估。最后,该模型参考了社会网络中人际交互决策的基本原理,从信任度与风险值两个角度得出目标节点的访问准入度。根据目标节点的访问准入度,该模型对任务访问控制模型进行了改进,以实现主体节点对访问权限的动态管理。引入该模型后,降低了非合作节点对P2P系统的影响,提高了系统的交互成功率,增强了P2P网络的安全性。The features opening and self-organization of P2P network brings a series of securityrisks to it,however the traditional access control model is not suitable for P2P network the distributedmanagement system.This paper proposes a novel task-based access control mode of Peer-to-Peernetwork.Firstly,the subject node evaluates the trust of object node by means of multidimensional trustcloud model,and calculates the risk value of this sharing transaction using the theory of risk evaluation.In the end,the basic principles of interpersonal interaction in social networks are provided references inthis model,and the admission degree of object node is obtained by synthesizing the trust of object nodeand the risk value of this shar-ing transaction.According to the access degree of the target node,thetask access control model is improved in this model,and the dynamic management of access rights isrealized.After introducing the model,the in-fl uence of non cooperative nodes is reduced in P2P system,and the success ratio of the system is improved,and the security of P2P network is enhanced.

关 键 词：P2P网络 信任 风险 任务 访问准入度 

分 类 号：TP393.0[自动化与计算机技术—计算机应用技术]