Research on Zero Trust Access Control Model Based on Role and Attribute

Cited by: 8


Authors: Xu Shengwei (许盛伟); Tian Yu (田宇); Deng Ye (邓烨); Liu Changhe (刘昌赫); Liu Jiaxing (刘家兴)

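Affiliations: [1] Institute of Information Security, Beijing Electronic Science and Technology Institute, Beijing 100070; [2] Department of Cyberspace Security, Beijing Electronic Science and Technology Institute, Beijing 100070; [3] Department of Cryptologic Science and Technology, Beijing Electronic Science and Technology Institute, Beijing 100070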

Source: Journal of Information Security Research (《信息安全研究》), 2024, Issue 3, pp. 241-247 (7 pages)

Funding: National Key R&D Program of China (2022YFB3104402); Fundamental Research Funds for the Central Universities (328202221).

Abstract: In the face of the many security threats emerging in networks, the traditional access control model exposes the problems of poor dynamics in permission allocation, low sensitivity to new threats, and high complexity of resource allocation. To address these problems, this paper proposes a zero trust access control model based on role and attribute. The model uses logistic regression to perform trust assessment of access subjects, achieving access control that is highly sensitive to access subject attributes, and adopts a new resource decision tree, which reduces the time complexity of resource permission assignment while achieving finer-grained security for access control. Finally, verification of the model under typical application scenarios shows that it is significantly better than the traditional access control model in terms of dynamic assignment of permissions.

Keywords: zero trust; role; attribute; access control; resource decision tree

Classification code: TP393.08 [Automation and Computer Technology - Computer Application Technology]

 
