检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
作 者:韩宗芮 郭渊博[1] 秦晰 HAN Zong-rui;GUO Yuan-bo;QIN Xi(PLA Strategic Support Force Information Engineering University,Zhengzhou 450007,China)
出 处:《小型微型计算机系统》2022年第9期1968-1975,共8页Journal of Chinese Computer Systems
基 金:国家自然科学基金项目(61772548)资助.
摘 要:由于物联网设备异构性、数据海量性、交互动态性和信息强隐私性等特点,现有访问控制方案面临着授权粒度、动态性和策略管理等方面的严峻挑战,本文提出基于下一代访问控制的授权方案,以图的方式描述访问控制策略,实现细粒度动态授权,同时为用户提供良好的操作管理体验,文中通过智能家居领域示例说明其在物联网中的适应性.另外,为解决其授权执行效率问题,以更好适应物联网实时动态性的特点,提出支持多策略类决策的决策算法,以将策略图所表达的策略提取为特权列表并建立索引的方式减少授权决策时间,最后对其执行效率进行了分析与评估,结果表明,该算法在最坏的情况时间复杂度仍然很低,能够保持高效的执行效率.Due to the heterogeneity of IoT devices,Data magnanimity,interactive dynamics,and strong privacy of information,the existing access control solutions are facing huge challenges in terms of authorization granularity,dynamics,and policy management.An authorization scheme based on Next Generation Access Control is proposed to realize fine-grained dynamic authorization,and provides users with a good operation management experience.The access control policies are described in the form of policy graph.Its adaptability in the Internet of Things is illustrated through examples in Smart Home.In addition,in order to solve the problem of authorization execution efficiency and better adapt to the real-time dynamic characteristics of the Internet of Things,a decision algorithm supporting multi-polices decision-making is proposed.The polices expressed in the strategy graph are extracted as a privilege list and indexed to reduce authorization decision time.The algorithm execution efficiency is analyzed and evaluated.The results show that the algorithm is still very low in time complexity in the worst situation and can maintain efficient execution efficiency.
关 键 词:物联网 下一代访问控制(NGAC) 基于属性的访问控制 策略图 授权
分 类 号:TP393[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.112
