检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:张逸飞 李梦婕 Zhang Yifei;Li Mengjie(Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100085)
出 处:《信息安全研究》2024年第10期912-920,共9页Journal of Information Security Research
摘 要:零信任模型给各种场景下的实际业务提出新的需求和挑战.过去的权限管理实践中,往往是由管理员人工赋予用户权限.然而,这种方式存在着许多问题,特别是在面对人员调动、权限更改和信息陈旧等情况时,系统无法及时自动调整权限,可能导致安全问题,甚至给黑客提供了攻击的突破口,造成严重的安全隐患.为了解决这些问题,必须在实际应用中紧密结合业务需求,实现权限的智能理解、调整和分配.旨在探讨在零信任模型下构建智能权限管理系统的研究与实践,为企业提供更加安全、高效的权限管理解决方案.The zero trust model puts forward new requirements and challenges for actual businesses in various scenarios.In the past,in the practice of permission management,administrators often manually granted users permissions.However,there are many problems with this method,especially in the face of personnel transfer,permission change,and outdated information,the system cannot automatically adjust the permission in time,which may lead to security problems,and even provide hackers with a breakthrough in attack,causing serious security risks.In order to solve these problems,it is necessary to closely integrate business needs in practical applications to realize the intelligent understanding,adjustment,and allocation of permissions.The purpose of this paper is to discuss the research and practice of building an intelligent permission management system under the zero trust model,so as to provide enterprises with a more secure and efficient permission management solution.
关 键 词:零信任架构 权限管理 网络安全 按需授权 数据安全
分 类 号:TP181[自动化与计算机技术—控制理论与控制工程]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.33