Abstract
Access control is a key technology for system security, and its mechanisms differ across network environments. This paper first introduces three traditional access control policies, DAC (discretionary access control), MAC (mandatory access control) and RBAC (role-based access control), giving the characteristics and applications of each, and briefly introduces the next-generation access control model UCON (usage control). It then summarizes access control technology and the current state of research in Grid, P2P and wireless network environments respectively. In addition, it argues in detail that trustworthy networks, as the necessary goal of next-generation Internet development, require a trust-based access control model to assure their security, and it investigates trust and reputation models. Finally, it gives the development trends of access control technology.
Source
Journal of Software (《软件学报》)
EI
CSCD
PKU Core Journal
2007, Issue 4, pp. 955-966 (12 pages)
Funding
Supported by the National Natural Science Foundation of China under Grant Nos. 90412012 and 60273009, and the National Science Foundation for Distinguished Youth Scholar of China under Grant No. 60429202
Keywords
DAC (discretionary access control)
MAC (mandatory access control)
RBAC (role-based access control)
trust model