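Abstract
In highly dynamic distributed environments, traditional one-way access control can no longer provide sufficient trustworthiness for a system. This paper analyzes the relationships among multiple kinds of subjects and proposes an administrative usage control model to address the privacy protection problem. The model can resolve parallel control, series control, and usage control among multiple subjects. The paper also describes in detail the security architecture and related security mechanisms for implementing AUCON. The layered approach provides a complete and efficient security solution to the problem.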
In today's dynamic distributed digital environments, the traditional one-way control no longer provides adequate trustworthiness. We review three kinds of subjects and analyze their relationships. Based on the usage control model, we propose an administrative usage control model named AUCON to resolve the access control problem for parallel control, series control, and usage control. AUCON provides a formal model which can control the provider subject to issue tickets for consumer subjects and monitor the access of consumers to privacy-sensitive objects. The architecture section presents formal structural ways in which appropriate mechanisms can be implemented to achieve predefined security objectives. This layered approach provides a whole effective security solution to the privacy protection problem.
Source
Computer Engineering & Science (《计算机工程与科学》)
CSCD
2008, Issue 3, pp. 130-132, 152 (4 pages in total)
Funding
National Natural Science Foundation of China (60403027)
Natural Science Foundation of Hubei Province (2005ABA243)
Keywords
access control
multi-subjects
administrative model
usage control (UCON)