通信学报 ›› 2016, Vol. 37 ›› Issue (11): 49-56.doi: 10.11959/j.issn.1000-436x.2016220

• 学术论文 • 上一篇    下一篇

动态自适应访问控制模型

史国振1,2,王豪杰3,慈云飞1,叶思水4,郭云川5()   

  1. 1 北京电子科技学院信息安全系,北京 100070
    2 西安电子科技大学计算机学院,陕西 西安 710071
    3 西安电子科技大学通信工程学院,陕西 西安 710071
    4 瑞庭网络技术(上海)有限公司房产技术部,上海 200127
    5 中国科学院信息工程研究所信息安全国家重点实验室,北京 100093
  • 出版日期:2016-11-25 发布日期:2016-11-30
  • 基金资助:
    国家重点研发计划基金资助项目;北京市自然科学基金资助项目;江苏省自然科学基金资助项目

Dynamic and adaptive access control model

Guo-zhen SHI1,2,Hao-jie WANG3,Yun-fei CI1,Si-shui YE4,Yun-chuan GUO5()   

  1. 1 School of Information Security, Beijing Electronic Science and Technology Institute, Beijing 100070, China
    2 School of Computer Science and Technology, Xidian University, Xi'an 710071, China
    3 School of Telecommunications Engineering, Xidian University, Xi'an 710071, China
    4 Dept. of House Technology, Ruiting Networking Technology (Shanghai) Co, Ltd., Shanghai 200127, China
    5 State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
  • Online:2016-11-25 Published:2016-11-30
  • Supported by:
    The National Key Research Program of China;The Natural Science Foundation of Beijing;The Natural Science Foundation of Jiangsu Province

摘要:

随着云计算技术、智慧城市及移动办公的发展和移动智能设备的出现,资源所处的网络环境越来越复杂,传统的访问控制模型已很难满足多样化的访问控制条件以及访问控制策略动态自适应调整的需求。以基于行为的访问控制模型为基础,结合资源生命周期管理,提出了一种动态自适应访问控制模型。该模型以资源生命周期为中心,充分考虑资源的生命周期阶段及其访问控制策略的关联性和动态性,使资源访问控制策略能够随着资源生命周期所处阶段的变化而自动变化,提高了访问控制的灵活性和复杂网络环境下的适用性;模型加入用户访问行为历史管理功能,考虑用户的历史访问行为,进一步约束主体的访问能力,提高模型适应开放的网络环境的能力。最后,在通用访问控制系统和云访问控制系统中对该模型进行了实现和验证。

关键词: 访问控制, 基于行为的访问控制模型, 资源生命周期管理, 动态自适应, 用户历史访问行为

Abstract:

With the development of cloud computing technology, smart city and mobile office and emergence of mobile smart devices, the resources' environment is increasing complex. The traditional access control model has been difficult to meet the diverse access control requirements and the dynamic and adaptive access control policy. A dynamic and adap-tive access control model combining the resource life cycle management based on ABAC was proposed. The model fo-cused on resource life cycle management considering the relevance of the resource life cycle management and access control policy. In this model, the policy can be changed as the resource life cycle states' change, so the applicability has been improved. In addition, the user access behavior history management function was added in this model, which can adapt the environment better by considering history of user access behavior. At last, the model in general and cloud com-puting access control system was implemented and verified.

Key words: access control, action-based access control model, resource life cycle, dynamic adaptation, user access be-havior history

No Suggested Reading articles found!