期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于信任度的网格动态访问控制研究 被引量:4

Trustworthiness-Based Dynamic Access Control for Grid Application
下载PDF
导出
摘要 针对网格环境下的访问控制技术需要解决与陌生实体建立动态信任关系等问题,提出了一种基于信任度的动态访问控制(TBDAC)模型.TBDAC模型综合了信任管理和RBAC模型的优势,首先通过自动信任协商为用户分配普通角色,从而有机结合了认证和访问控制.TBDAC模型将普通角色派生系列临时角色,为临时角色分配带有信任阈值的权限集,通过实时计算出的用户信任值激活临时角色,实现了细粒度和动态授权.TBDAC模型已投入测试,运行正常. Considering the access control technology in grid environment, which calls for the establishment of a dynamic trust relationship with strangers, the trustworthiness-based dynamic access control (TBDAC) model was presented. TBDAC model integrated the merits of both role based access control(RBAC) and trust management. Firstly, regular roles for users were assigned by automated trust negotiation, seamlessly integrating authentication and access control. Then, it derived temporary roles from regular roles and assigned privilege set with trustworthiness thresholds for temporary roles, activating temporary roles to promptly calculate the values of trustworthiness of users to achieve fine-grained and dynamic authorization. Tests have shown that TBDAC model is excellently implemented.
作者 陈旭日 徐炜民 沈文枫
机构地区 上海大学计算机工程与科学学院
出处 《湖南大学学报(自然科学版)》 EI CAS CSCD 北大核心 2008年第7期85-89,共5页 Journal of Hunan University:Natural Sciences
基金 湖南省自然基金资助项目(05JJ40101)
关键词 网格 信任度 RBAC模型 信任协商 grid trustworthiness RBAC model trust negotiation
分类号 TP393 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献9

  • 1FOSTER I, KESSELMAN C. The grid, blueprint for a new computing infrastructure[M]. San Francisco: Morgan Kaufman Publishers, 1999.
  • 2PEARLMAN L, WELCH V. A community authorization service for Group collaboration [ C]//IEEE 3rd International Workshop on Policies for Distributed Systems and Networks. Los Mamito, 2002 : 50 - 59.
  • 3CHADWICK D W, OTENKO O, The PERMIS X. 509 role based privilege management infrastructure[ C]//Proc of the 7th ACM Symposium on Access Control Models and Techologies. New York, 2002 : 135 - 140.
  • 4翟征德,冯登国,徐震.细粒度的基于信任度的可控委托授权模型[J].软件学报,2007,18(8):2002-2015. 被引量:34
  • 5YAO H,HU H. Dynamic role and context-based access control for grid appllcation[C]//Proc of the 6th International Conf on Parallel and Distributed Computing: Applications and Technologies. IEEE Computer Society, 2005:404 - 406.
  • 6WINSBOROUGH W H, SEAMONS K E, JONES V E. Automated trust negotiation [C]//DARPA Information Survivability Conf and Exposition. New York,2002:88 - 102.
  • 7谢冬青,秦大力,柳春雷.一种基于广义传递闭包的信任评估模型TREM[J].湖南大学学报(自然科学版),2005,32(2):113-117. 被引量:3
  • 8JφSANG, KNAPSKOG S J. A metric for trusted systems[ C]// Global IT Security. Wien: Austrian Computer Society, 1998: 541 - 549.
  • 9SMITH B,SEAMONS K E,JONES M D. Responding to policies at runtime in trustbuider[ C]//Proc of the 5th Int' l Workshop on Policies for Distributed Systems and Networks. Washington, 2004:149 - 158.

二级参考文献33

  • 1BLAZE M, FEIGENBAUM J, LACY J. Decentralized Trust Management[ A]. Proceedings of IEEE Symposium on Security and Privacy[C]. Oakland: IEEE, 1996. 164-173.
  • 2BLAZE M, FEIGENBAUM J, IOANNIDIS J, et al. RFC2704:The KeyNote Trust Management System ( version 2 ) [ EB/OL ].http://www. crypto. com/papers/rfc2704. txt, 1999 - 09 - 01/2004-03- 12.
  • 3ABDUL-RAHMAN A, HAILES S. A Distributed trust model[A]. Proceedings of the New Security Paradigins Workshop[C].Cumbria: ACM, 1998. 48-60.
  • 4CHU Y H, FEIGENBAUM J, LAMACCHIA B, et al. REFEREE: trust management for Web applications[J ]. World Wide Web Journal, 1997, 2(2): 127 - 139.
  • 5CLARKED, ELIENJE, ELLISONC, et al. Certificate chain discovery in SPKI/SDSI [ J ]. Journal of Computer Security,2001, 9(4): 285 - 322.
  • 6SOMESH J, THOMAS R. Analysis of SPKI/SDSI certificates using model checking [ A]. Proceedings of the fifteenth IEEE Computer Security Foundations Workshop[ C]. Washington D C:IEEE, 2002. 129 - 144.
  • 7LI N H,MITCHELL J C. Datalog with constraints: A foundation for trust management languages[A]. Proceedings of the Fifth International Symposium on Practical Aspects of Declarative Languages[C]. New Orleans:Springer, 2003. 58-73.
  • 8LI N H, MITCHELL J C,WINSBORUGH W. Design of a role-based trust management framework[A]. Proceedings of the IEEE Symposium on Security and Privacy[C]. Washington D C: IEEE, 2002.114-130.
  • 9LI N H, WINSBORUGH W, MITCHELL J C. Distributed credential chain discovery in trust management[J ]. Journal of Computer Security,2003, 11(1):35-86.
  • 10GAMBETTA D. Canwe trust trust? [A] Trust: Making and Breaking Cooperative Relations[C]. Basil Blackwell: Oxford Press, 1990,213 - 237.

共引文献35

同被引文献32

  • 1谢冬青,秦大力,柳春雷.一种基于广义传递闭包的信任评估模型TREM[J].湖南大学学报(自然科学版),2005,32(2):113-117. 被引量:3
  • 2林闯,封富君,李俊山.新型网络环境下的访问控制技术[J].软件学报,2007,18(4):955-966. 被引量:67
  • 3蔡红霞,俞涛,方明伦.制造网格中访问控制的研究[J].计算机集成制造系统,2007,13(4):716-720. 被引量:8
  • 4网格中间件简介[EB/OL].http://www.sccas.cn/gb/pub/200601180001.pdf.
  • 5Raj Tuladhar.Inter-Domain Authentication for Seamless Roaming in Heterogeneous Wireless Networks[D].Kathmandu:Kathmandu University,2003.
  • 6Sang J,Knapskog S J.A metric for trusted systems[C]// Global IT Security Wien:Austrian Computer Society.1998:541-549.
  • 7宋俊昌,苏成.信任在访问控制中的应用及研究[J].计算机工程与设计,2007,28(19):4609-4611. 被引量:3
  • 8Snyder L. Formal models of capability-based protection systems[ J]. IEEE Transactions on Computers, 1981,30(3) :172-181.
  • 9Ferraiolo D, Kuhn R. Role-Based access controls [ C ] //. In: Proceedings of the 15th NIST-NCSC National Computer Security Conference. 1992. 554-563.
  • 10Sandhu R, Conyne EJ, Lfeinstein H, Youman CE. Role basedaccess control models [ J ]. IEEE Computer, 1996,29 ( 2 ) :38 47.

引证文献4

二级引证文献7

湖南大学学报(自然科学版)
2008年 第7期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部