检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:刘建华[1] 任丹丹 LIU Jianhua;REN Dandan(Center of Information and Network,Xi’an University of Posts and Telecommunications,Xi’an 710121,China;School of Computer Science and Technology,Xi’an University of Posts and Telecommunications,Xi’an 710121,China)
机构地区:[1]西安邮电大学信息网络中心,陕西西安710121 [2]西安邮电大学计算机学院,陕西西安710121
出 处:《西安邮电大学学报》2023年第3期63-67,共5页Journal of Xi’an University of Posts and Telecommunications
基 金:西安邮电大学研究生创新基金项目(CXJJLY2019046)。
摘 要:针对网络空间中的大量敏感信息难以从细粒度层面进行访问授权分类、隐私保护强度不高等问题,提出一种基于访问控制的敏感信息分类授权模型。结合基于角色和属性的访问控制思想,建立包含用户、敏感信息等属性的分类模型,通过映射关系设计用户-角色分配和角色-权限分配策略,动态生成访问控制矩阵,限制不同用户针对不同敏感信息可进行的操作。实例分析结果表明,该模型支持灵活动态、细粒度地对敏感信息的访问授权进行分类,提高了隐私保护的强度。In order to solve the problems that a large number of sensitive information in cyberspace is difficult to classify the access authorization from a fine-grained level and the privacy protection intensity is not high,a sensitive information classification authorization model based on access control is proposed.Combined with the idea of access control based on roles and attributes,a classification model containing user,sensitive information and other attributes is established.User-role assignment and role-permission assignment strategies are designed through mapping relations,and access control matrices are dynamically generated to limit the operations that different users could perform on different sensitive information.Example results show that the model can support flexible,dynamic and fine-grained classification of access authorization for sensitive information,and can improve the intensity of privacy protection.
分 类 号:TP301.4[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.222