检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
机构地区:[1]广东工业大学计算机学院,广东广州
出 处:《计算机科学与应用》2019年第3期517-526,共10页Computer Science and Application
基 金:广东省科技计划项目(2017B090906003);广州市科技计划项目(201802010043、201807010058);机器智能与先进计算教育部重点实验室开放课题基金(MSC-201604A)的资助.
摘 要:由于存在非法用户对云中存储的数据的非法访问,云服务遭受各种各样的安全风险。通过访问控制进行合理授权是当前云安全问题中亟待解决的问题之一。针对此问题,本文提出了一种支持信任管理的基于角色和属性的访问控制模型(TRABAC)。首先,通过计算用户的信任值对其进行信任评估筛选出可信用户。其次,结合基于角色的访问控制模型(Role-Based Access Control, RBAC)与基于属性的访问控制模型(Attribute-Based Access Control, ABAC)来完成用户–角色分配和角色–权限分配,并根据相应的属性过滤策略动态地缩减用户–角色映射关系和角色–映射权限映射关系。最后,得到用户可以拥有的最小权限集合。安全性分析结果表明,该模型在云计算环境下能更好地实现动态安全和细粒度的访问控制。With the illegal access from illegal users to data which is stored in the cloud,cloud services suffer from a variety of security risks.Reasonable authorization through access control is one of the most urgent problems to be solved in current cloud security.To solve this problem,a Role and Attribute-Based Access Control model with Trust Management(TRABAC)is proposed.Firstly,the trusted users are screened out by calculating the trust value of the users.Secondly,the Role-Based Access Control(RBAC)model and the Attribute-Based Access Control(ABAC)model are combined to complete the user-role assignment and role-permission assignment.And the user-role mapping relationship and the role-permission mapping relationship are dynamically reduced according to the corresponding attribute filtering policy.Finally the minimum set of permissions that the user can have can be achieved.The security analysis results show that this model can achieve more dynamic security and fine-grained access control in the cloud computing environment.
分 类 号:TP39[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.97