基于角色划分的多源异构数据库安全访问控制  

作　　者：李蕾[1] 孙歆 LI Lei;SUN Xin(ZhejiangChangZheng college of profession and technology,HangZhou 310023,China;Electric Power Research Institute of State Grid Zhejiang Electric Power Co.,Ltd HangZhou 310000,China)

机构地区：[1]浙江长征职业技术学院,杭州310023 [2]国网浙江省电力有限公司电力科学研究院,杭州310000

出　　处：《自动化与仪器仪表》2023年第5期56-59,64,共5页Automation & Instrumentation

基　　金：浙江省2021年度职业院校产教融合项目(浙教办职成[2021]60号):数字化转型背景下的数据安全及智能运维人才校企协同培养路径研究的研究成果。

摘　　要：对数据库进行安全访问控制时没有进行角色划分,使得用户权限设定不准确,导致用户访问匹配度较低,对此,研究基于角色划分的多源异构数据库安全访问控制方法。根据注册信息对访问用户进行身份验证,采用李克特5级量化标准对每个描述指标进行量化,根据量化结果计算出描述指标的重要度,根据重要度选取评估指标,将上述信任度评估指标作为信任证据,构建信任度联邦学习模型,计算用户信任度,基于上述计算结果划分用户角色,确认用户访问权限,实现多源异构数据库安全访问控制。结果表明:所研究方法控制下,合法身份用户访问成功率为100%、非法身份用户访问成功率为0%,角色正确匹配度均处于90%以上,说明该方法实现了对用户身份的有效验证。所研究方法的角色正确匹配度达到最大值,说明该方法的访问控制质量较高,能准确划分用户访问权限。There is no role division in the security access control of the database,which makes the setting of user permissions inaccurate and leads to low matching of user access.Therefore,the security access control method of multi-source heterogeneous databases based on role division is studied.The identity of the visiting user is verified according to the registration information,and each description index is quantified using Likert's 5-level quantitative standard.The importance of the description index is calculated according to the quantitative results.The evaluation index is selected according to the importance,and the above trust evaluation index is used as the evidence of trust.A federated learning model of trust is built to calculate the user trust.Based on the above calculation results,user roles are divided and user access rights are confirmed,Implement secure access control of multi-source heterogeneous databases.The results show that under the control of the research method,the access success rate of legal identity users is 100%,the access success rate of illegal identity users is 0%,and the correct role matching degree is above 90%,which shows that the method realizes effective authentication of user identity.The role correct matching degree of the studied method reaches the maximum,which indicates that the access control quality of the method is high and the user access authority can be accurately divided.

关 键 词：联邦学习 多源异构数据库 身份验证 信任度 用户角色 安全访问控制方法 

分 类 号：TP141.32[自动化与计算机技术—控制理论与控制工程]