基于不同访问角色控制的石油勘探数据湖访问安全研究  

作　　者：刘兆年 张金波 李为冲 高博 LIU Zhaonian;ZHANG Jinbo;LI Weichong;GAO Bo(CNOOC Research Institute Ltd.,Beijing 100028,China)

机构地区：[1]中海油研究总院有限责任公司,北京100028

出　　处：《自动化与仪器仪表》2025年第3期25-28,33,共5页Automation & Instrumentation

摘　　要：对石油勘探数据湖访问安全问题进行研究,提出一种基于不同角色访问控制模型的恶意访问行为判断方法,对恶意访问石油勘探数据湖的访问行为进行标记和阻止访问。具体方法为对基于信任机制的RBAC模型进行改进,对工作人员当下访问行为的可信度值进行计算,通过可信度值来判断此次访问行为是否属于恶意访问,并决定是否阻止访问。研究目的是提高石油勘探数据湖的安全性和保密性。试验结果表明:本模型在输入测试样本数据的数量较少时,精确率、召回率和F1值分别为93.12%、94.93%、0.95,几乎可以对所有恶意访问行为进行阻拦,且随着输入测试样本数据的数量逐渐增大,对应的评价指标数值没有下降,精确率、召回率和F1值一直维持在93.52%、94.57%、0.95左右,综合表现优良,更适用于石油勘探数据湖访问安全问题,对恶意访问行为进行精准拦截,具有可行性和有效性。This article studies the security issues of accessing oil exploration data lakes and proposes a malicious access behavior detection method based on different role access control models to mark and block malicious access to oil exploration data lakes.The specific method is to improve the RBAC model based on trust mechanism,calculate the credibility value of the current access behavior of the staff,determine whether the access behavior belongs to malicious access through the credibility value,and decide whether to block the access.The research objective is to improve the security and confidentiality of oil exploration data lakes.The experimental results show that when the number of input test sample data is small,the accuracy,recall,and F1 value of the model in this article are 93.12%,94.93%,and 0.95,respectively,which can almost block all malicious access behaviors.As the number of input test sample data gradually increases,the corresponding evaluation index values do not decrease,and the accuracy,recall,and F1 value remain around 93.52%,94.57%,and 0.95,showing excellent comprehensive performance.It is more suitable for the security issues of oil exploration data lake access and has feasibility and effectiveness in accurately intercepting malicious access behaviors.

关 键 词：石油勘探数据 访问安全 恶意访问 RBAC 

分 类 号：TP39[自动化与计算机技术—计算机应用技术]