面向网络空间的访问控制模型

doi:10.11959/j.issn.1000-436x.2016109

摘要/Abstract

摘要：

提出一种面向网络空间的访问控制模型，记为 CoAC。该模型涵盖了访问请求实体、广义时态、接入点、访问设备、网络、资源、网络交互图和资源传播链等要素，可有效防止由于数据所有权与管理权分离、信息二次/多次转发等带来的安全问题。通过对上述要素的适当调整可描述现有的经典访问控制模型，满足新的信息服务和传播模式的需求。给出了CoAC管理模型，使用Z-符号形式化地描述了管理模型中使用的管理函数和管理方法。该模型具有极大的弹性、灵活性和可扩展性，并可进一步扩充完善，以适应未来信息传播模式的新发展。

关键词: 网络空间安全, 访问控制, 管理场景, 信息服务模式, 信息传播模式

Abstract:

A novel cyberspace-oriented access control model was proposed,termed as CoAC,which avoided the threats by comprehensively considering vital factors,such as access requesting entity,general tense,access point,device,networks,resource,internet-based interactive graph and chain of resource transmission.By appropriately adjusting these factors,CoAC emulated most of typical access control models and fulfilled the requirements of new information service patterns and dissemination modes.The administrative model of CoAC was also presented and the functions and methods for administrating CoAC were described by utilizing Z-notation.CoAC is flexible and scalable,it can be further refined and expanded to figure out new opportunities and challenges in the upcoming access control techniques.

Key words: cyberspace security, access control, administrative scene, information service pattern, information dissemi-nation mode

李凤华,王彦超,殷丽华,谢绒娜,熊金波. 面向网络空间的访问控制模型[J]. 通信学报, 2016, 37(5): 9-20.

Feng-hua LI,Yan-chao WANG,Li-hua YIN,Rong-na XIE,Jin-bo XIONG. Novel cyberspace-oriented access control model[J]. Journal on Communications, 2016, 37(5): 9-20.

图/表 5

图1

表1

图2

图3

表2

管理方法使用的函数"

函数名	描述	函数名	描述
verifyid	若用户身份和证书合法则返回 True，否则返回 Falseverifyid(userid,certification:NAME;outresult:BOOLEAN)?result=(userid∈U)(isvalid(certification))＞	verifyng	若请求的网络 reqng 满足网络 verifyng 的要求则返回True，否则返回Falseverifyng(reqng:NAME;out result:BOOLEAN)?reqng∈NGSTATESresult=( ?ng₁,ng₂∈validng·ng₁＜reqng＜ng₂)∧(q∈Q;d∈DSTATES;t∈TSTATES;l∈LSTATES;ng∈NGSTATES; p∈PERMISSIONS(q,sc= (q,t,l,d,reqng))∈QSC∧(sc=(q,t,l,d,reqng),p)∈SCP )?
isnable	若场景scene可用则返回True，否则返回Falseisnable(scene:NAME;out result:BOOLEAN)?scene∈SCENEresult=scene∈ENABLE^*?	n.activescbyu	返回用户user激活场景数量n.activescbyu(user:NAME;out result:N)?user USERSresult=N _{activ e U_total}(user)?
verifyt	若请求的广义时态re q t 满足广义时态状态verifyt的要求则返回True，否则返回Falseverifyt(reqt:NAME;out result:BOOLEAN)?reqt∈TSTATESresult=(?t₁,t₂∈validt·t₁＜reqt＜t₂)∧(q∈Q;t∈TSTATES;l∈LSTATES;d∈DSTATES;ng∈NGSTATES;p∈ PERMISSIONS(q,sc=(reqt,,l d,ng))∈ QSC ∧(sc=(q,reqt,l,d,ng),p)∈SCP)?	maxn.activescbyu	返回用户user最多能激活场景数量maxn.activescbyu(user:NAME;out result:N)?user∈USERSresult=N _{m ax U_total}(user)＞
verifyl	若请求的接入点 re q l 满足接入点 verifyl 的要求则返回True，否则返回Falseverifyl(reql:NAME;out result:BOOLEAN)?reql∈LSTATESresult=(?l₁,l∈validl·l₁＜reql＜l₂)∧(q∈Q;t∈TSTATES;l∈LSTATES;d∈DSTATES;ng∈NGSTATES;p∈PERMISSIONS(q,sc=(q,t,reql,d ,ng))∈QSC∧(sc=(q,t,reql,d ,ng),p)∈SCP)?	n.activescbyp	返回激活权限permission的场景数量n.activescbyp(user:NAME;out result:N)?user∈USERSresult=N _{max P_total}(user)?
verifyd	若请求的访问设备reqd满足访问设备verifyd的要求则返回True，否则返回Falseverifyd(reqd:NAME;out result:BOOLEAN)?reqd∈DSTATESresult=(?d₁,d₂∈validd·d₁＜reqd＜d₂)∧(q∈Q;d∈DSTATES;t∈TSTATES;l∈LSTATES;ng∈NGSTATES;p∈PERMISSIONS(q,sc=(q,t,l,reqd,ng))∈QSC∧(sc=(q,t,l,reqd,ng),p)∈SCP)?	maxn.activescbyp	返回最多能激活权限permission的场景数量P_totalmaxn.activescbyp(user:NAME;out result:N)?permission∈PERMISSIONSresult=N _{max P_total}(user)?

表2

参考文献 35

[1]	National Computer Security Center.Glossary of computer security terms NCSC-TG-004)[EB/OL].
[2]	BELL D E , LAPADULA L J . Secure computer systems:mathematical foundations[R]. MITRE CORP BEDFORD MA, 1973.
[3]	STALLINGS W . Network and internetwork security:princip and practice[M]. Englewood Cliffs:Prentice Hall, 1995.
[4]	FERRAIOLO D F , KUHN D R . Role-based access con-trol[C]// National Computer Security Conference. c1992: 554-563.
[5]	OH S , SANDHU R , ZHANG X . An effective role administration mod-el using organization structure[J]. ACM Transactions on Information and System Security (TISSEC), 2006,9(2): 113-137.
[6]	SANDHU R , BHAMIDIPATI V , MUNAWER Q . The ARBAC97 model for role-based administration of roles[J]. ACM Transactions on Information and System Security, 1999,2(1): 105-135.
[7]	SANDHU R , MUNAWER Q , The ARBAC99 model for administra-tion of roles[C]// Annual Computer Security Applications Conference. c1999: 229-238.
[8]	SANDHU R S , COYNE E J , FEINSTEIN H L , et al. Role-based access control models[J]. Computer, 1996(2): 38-47.
[9]	FREUDENTHAL E , PESIN T , PORT L , et al. dRBAC:distributed role-based access control for dynamic coalition environments[C]// In-ternational Conference on Distributed Computing System. c2002: 411-420.
[10]	LIU S , HUANG H . Role-based access control for distributed coopera-tion environment[C]// International Conference onComputational Intel-ligence and Security. c2009: 455-459.
[11]	PARK J , SANDHU R . The UCON ABC usage control model[J]. ACM Transactions on Information and System Security (TISSEC), 2004,7(1): 128-174.
[12]	KATT B , ZhANG X W , BREU R , et al. A general obligation model and continuity:enhanced policy enforcement engine for usage con-trol[C]// ACM Symposium on Access Control Models and Technolo-gies, Estes Park,CO,USA, c2008: 683-695.
[13]	LOVAT E , PRETSCHNER . Data-centric multi-layer usage control enforcement:a social network example[C]// ACM Symposium on Access Control Models and Technologies. Innsbruck,Austria, c2011: 151-152.
[14]	XU C , WANG Q , ZHANG W , et al. Temporal access control based on multiple subjects[C]// International Conference on Multimedia Infor-mation Networking and Security. c2009: 438-441.
[15]	BERTINO E , BONATTI P A , FERRARI E . TRBAC:a temporal role-based access control model[J]. ACM Transactions on Information and System Security (TISSEC), 2001,4(3): 191-233.
[16]	王小明, 赵宗涛 . 基于角色的时态对象存取控制模型[J]．电子学报, 2005,33(9): 1634-1638. WANG X M , ZHAO Z T . Role-based access control model of tem-poral object[J]. Acta Electronica Sinica, 2005,33(9): 1634-1638.
[17]	XU C , WANG Q , ZHANG W , et al. Temporal access control based on multiple subjects[C]// International Conference on Multimedia Infor-mation Networking and Security. c2009: 438-441.
[18]	YUAN E , TONG J . Attributed based access control (ABAC) for Web services[C]// The IEEE International Conference on Web Services. FL,USA, c2005: 561-569.
[19]	李晓峰, 冯登国, 陈朝武 , 等. 基于属性的访问控制模型[J]．通信学报, 2008,29(4): 90-98. LI X F , FENG D G , CHEN Z W , et al. Model for attribute based access control[J]. Journal on Communications, 2008,29(4): 90-98.
[20]	王小明, 付红, 张立臣 . 基于属性的访问控制研究进展[J]．电子学报, 2010,38(7): 1660-1667. WANG X M , FU H , ZHANG L C , et al. Research progress on attribute-based access control[J]. Acta Electronica Sinica, 2010,38(7): 1660-1667.
[21]	PIRRETTI M , TRAVNOR P , MCDANIEL P , et al. Secure attribute-based systems[J]. Journal of Computer Security, 2010,18(5): 799-837.
[22]	李凤华, 王巍, 马建峰 , 等. 基于行为的访问控制模型及其行为管理[J]．电子学报, 2008,36(10): 1881-1890. LI F H , WANG W , MA J F , et al. Action-based access control model and administration of actions[J]. Acta Electronica Sinica, 2008,36(10): 1881-1890.
[23]	RIVEST R , SHAMIR A , WAGNER D A . Time-lock puzzles and timed-release crypto[R]. MIT LCS Tech.Report MIT/LCS/TR-684, 1996.
[24]	CATHALO J , LIBERT B , QUISQUATER J J . Efficient and non-interactive timed-release encryption[M]. Information and Com-munications Security, 2005: 291-303.
[25]	PATERSON K G , QUAGLIA E A . Time-specific encryption[M]// Security and Cryptography for Networks, 2010: 1-16.
[26]	ZHOU L , VARADHARAJAN V , HITCHENS M . Enforcing role-based access control for secure data storage in the cloud[J]. The Computer Journal, 2011,54(10): 1675-1687.
[27]	BONEH D , FRANKLIN M . Identity-based encryption from the weil pairing[C]// CRYPTO, California,USA c2001: 213-229.
[28]	ROUSELAKIS Y , WATERS B . Practical constructions and new proof methods for large universe attribute-based encryption[C]// ACM Con-ference on Computer and Communications Security. Berlin,Germany, c2013: 463-474.
[29]	LEWKO A , WATERS B . Unbounded HIBE and attribute-based en-cryption[C]// Annual International Conference on the Theory and Ap-plications of Cryptographic Techniques. Tallinn,Estonia, c2011: 547-567.
[30]	GOYAL V , PANDEY O , SAHAI A , et al. Attribute-based encryption for fine-grained access control of encrypted data[C]// ACM Conference on Computer and Communications Security. VA,USA, c2006: 89-98.
[31]	BETHENCOURT J , WATERS B . Ciphertext-policy attribute-based encryption[C]// IEEE Symposium on Security and Privacy. California,USA, c2007: 321-334.
[32]	洪澄, 张敏, 冯登国 . AB-ACCS一种云存储密文访问控制方法[J]．计算机研究与发展， 2010,47(Z1): 259-265. HONG C , ZHANG M , FENG D G . AB-ACCS:a cryptographic access control scheme for cloud storage[J]. Journal of Computer Research and Development, 2010,47(Z1): 259-265.
[33]	CHENG Y , REN J , WANG Z , et al. Re-encryption optimization in CP-ABE based cryptographic cloud storage[C]// International Confe-rence on Cloud and Green Computing. Huanan,China, C2012: 173-179.
[34]	CHASE M , CHOW S S M . Improving privacy and security in mul-ti-authority attribute-based encryption[C]// ACM conference on Com-puter and Communications Security. Illinois,USA, C2009: 121-130.
[35]	LIU X , ZHANG Y , WANG B , et al. Mona:secure multi-owner data sharing for dynamic groups in the cloud[J]. IEEE Transaction on Pa-rallel and Distributed Systems, 2013,24(6): 1182-1191.

约束分类	约束		描述
场景可用约束	资源访问实体—场景约束		（Q,S,T,L,D,NG,assigin _Q/deassign _Q sc to q）
	场景可用/不可用		（Q,S,T,L,D,NG,enable/disable sc）
	资源访问实体、场景—权限分配		（Q,S,T,L,D,NG,assigin _P/deassign_P p to sc）
场景激活约束	激活场景的数量	用户	（Q,S,T,L,D,NG,N _active,active_{Q_total}）
	激活场景的数量	权限	（Q,S,T,L,D,NG,N _active,active_{P_total}）
	当前系统中激活场景的总数量	用户	（Q,S,T,L,D,NG,N _{m ax},active_{Q_total}）
	当前系统中激活场景的总数量	权限	（Q,S,T,L,D,NG,N _{m ax},active_{P_total}）