期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

支持组和属性层级的基于属性的访问控制模型

Attribute-based Access Control Model with GroupHierarchy and Attribute Hierarchy Support
下载PDF
导出
摘要 基于属性的访问控制(attribute-based access control,ABAC)机制越来越受到学术界和工业界的重视,因其灵活的策略定义和动态的授权决定能力.但目前ABAC存在着属性分配与管理、策略创建工作量大的问题.基于组层级和属性层级的ABAC模型(称作GHAHABAC),通过引进组层级和属性值层级,实现属性值和访问权限的继承,从而减少属性分配和策略规则构建的工作量.给出GHAHABAC模型的形式化定义,通过应用实例说明了模型的可用性. Attribute-based access control ( ABAC) mechanism is drawing great attention from both recentacademic and industry world because of its flexible policy specification and dynamic authorization decision-makingcapabilities. However the workloads of attribute assignment, attribute management and policy establishing relating tocurrent ABAC is very heavy, a group hierarchy and attribute value hierarchy based ABAC model with constraintssupport (called GHAHABAC) was proposed in this paper. By introducing both group hierarchies and attributevalue hierarchies, HGCABAC model achieves the attribute-value inheritance and access rights inheritance, andfinally simplifies attribute assignment and policy establishing tasks. Not only the formal specification of HGCABACmodel is provided, but also its usefulness is demonstrated with the several application examples.
作者 沈海波 SHEN Haibo(Department of Computer Science,Guangdong University of Education,Guangzhou,Guangdong,510303,P.R.China)
机构地区 广东第二师范学院计算机科学系
出处 《广东第二师范学院学报》 2018年第5期78-84,共7页 Journal of Guangdong University of Education
基金 广东第二师范学院教授科研专项基金资助项目(2014ARF24)
关键词 基于属性的访问控制 组层级 属性层级 属性继承 约束 模型 attribute-based access control group hierarchy attribute hierarchy attribute inheritance constraint model
分类号 TP309.2 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献2

二级参考文献21

  • 1钟勇,秦小麟,郑吉平,林冬梅.一种灵活的使用控制授权语言框架研究[J].计算机学报,2006,29(8):1408-1418. 被引量:15
  • 2袁禄来,曾国荪,王伟.基于Dempster-Shafer证据理论的信任评估模型[J].武汉大学学报(理学版),2006,52(5):627-630. 被引量:17
  • 3ZHANG X, LI Y, NALLA D. An attribute-based access matrix model[A]. Proceedings of the 2005 ACM Symposium on Applied Computing[C].2005.359-363.
  • 4WANG L Y, WIJESEKERA D, JAJODIA S. A logic-based framework for attribute based access control[A]. Proceedings of the 2004 ACM Workshop on Formal Methods in Security Engineering[C].2004.45-55.
  • 5BARKER S, STUCKEY P J. Flexible access control policy specification with constraint logic programming[J]. ACM Trans Inf Syst Secur, 2003,6(4): 501-546.
  • 6LI N H, MITCHELL J C, Datalog with constraints: a foundation for trust-management languages[A]. Proceedings of the Fifth International Symposium on Practical Aspects of Declarative Languages (PADL 2003)[C], New Orleans, Louisiana, 2003.28-73.
  • 7REVESZ E Introduction to Constraint Databases[M]. New York: Springer-Verlag, 2002.
  • 8ZHANG X W, PARISI-PRESICCE F, SANDHU R, et al. Formal model and policy specification of usage control[J]. ACM Transactions on Information and System Security (TISSEC), 2005, 8(4): 351-387.
  • 9DAHR M. Deductive Databases: Theory and Applications[M]. USA: International Thomson Computer Press, 1997.
  • 10ULLMAN J. Principles of Database and Knowledge-Base Systems(volume Ⅰ and volume Ⅱ)[M]. Rockville MA:Computer Science Press, 1989.

共引文献160

广东第二师范学院学报
2018年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部