
Access control model and its application for collaborative information systems (cited by: 6)
Abstract: The authorization decision on resources is the major problem in collaborative information systems. Firstly, the term "action" was defined based on roles, temporal states and environmental states, and the action-based access control (ABAC) model was presented. Then, the access control mechanism based on ABAC for collaborative information systems was introduced. The security association was defined and its producing procedure was proposed, which contains security properties such as user request, user identity, password, role, temporal state, environmental state and lifetime. Finally, to exchange the security properties among user, action server and resources management server, a secure authentication protocol was proposed, and its security was proven under the universally composable model.
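Source: Journal on Communications (《通信学报》), indexed in EI, CSCD and the Peking University Core Journals list; 2008, No. 9, pp. 116-123 (8 pages)
Funding: National High Technology Research and Development Program of China ("863" Program) (2007AA01Z472, 2007AA01Z429, 2007AA01Z482); National Natural Science Foundation of China (60633020, 60573036, 60702059)
Keywords: access control; collaborative information system; security association; authentication protocol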

References (11)

  • 1. GUTH S, SIMON B, ZDUN U. A contract and rights management framework design for interacting brokers[A]. Proceedings of the 36th Hawaii International Conference on System Sciences[C]. Big Island, HI, USA, 2003. 283-283.
  • 2. PARK J S, HWANG J. Role-based access control for collaborative enterprise in peer-to-peer computing environments[A]. Proceedings of the Eighth ACM Symposium on Access Control Models and Technologies (SACMAT'03)[C]. Como, Italy, 2003. 93-99.
  • 3. SHAFIQ B, BERTINO E, GHAFOOR A. Access control management in a distributed environment supporting dynamic collaboration[A]. Proceedings of the 2005 Workshop on Digital Identity Management (DIM'05)[C]. Fairfax, Virginia, USA, 2005. 104-112.
  • 4. CUI X T, CHEN Y L, GU J Z. Ex-RBAC: an extended role based access control model for location-aware mobile collaboration system[A]. Proceedings of the Second International Conference on Internet Monitoring and Protection (ICIMP 2007)[C]. Silicon Valley, USA, 2007. 36-41.
  • 5. FURST K, SCHMIDT T, WIPPEL G. Managing access in extended enterprise networks[J]. IEEE Internet Computing, 2002, 6(5): 67-74.
  • 6. LEE C, CHIANG C, HORNG M. Collaborative Web computing environment: an infrastructure for scientific computation[J]. IEEE Internet Computing, 2000, 4(2): 27-35.
  • 7. SHAFIQ B, JOSHI J B D, BERTINO E, et al. Secure interoperation in a multidomain environment employing RBAC policies[J]. IEEE Transactions on Knowledge and Data Engineering, 2005, 17(11): 1557-1577.
  • 8. SANDHU R, BHAMIDIPATI V, MUNAWER Q. The ARBAC97 model for role-based administration of roles[J]. ACM Transactions on Information and System Security, 1999, 2(1): 105-135.
  • 9. FERRAIOLO D F, SANDHU R, GAVRILA S, et al. Proposed NIST standard for role-based access control[J]. ACM Transactions on Information and System Security, 2001, 4(3): 224-274.
  • 10. LI Fenghua, WANG Wei, MA Jianfeng, Sang JaeMoon. Action-Based Access Control Model[J]. Chinese Journal of Electronics, 2008, 17(3): 396-401. Cited by: 7

Co-citing literature (6)

Co-cited literature (82)

  • 1. 姚键, 茅兵, 谢立. A security policy conflict detection method based on a directed graph model[J]. Journal of Computer Research and Development, 2005, 42(7): 1108-1114. Cited by: 29
  • 2. 王小明, 赵宗涛. A role-based temporal object access control model[J]. Acta Electronica Sinica, 2005, 33(9): 1634-1638. Cited by: 18
  • 3. 张宏, 贺也平, 石志国. A formal access control model supporting spatial context[J]. Science in China (Series E), 2007, 37(2): 254-271. Cited by: 21
  • 4. 石志国, 贺也平, 张宏. A time self-decaying trust management algorithm for peer-to-peer computing security[J]. Journal of Computer Research and Development, 2007, 44(1): 1-10. Cited by: 21
  • 5. Ferraiolo D F, Sandhu R, Gavrila S, et al. Proposed NIST standard for role-based access control[J]. ACM Transactions on Information and System Security, 2001, 4(3): 224-274.
  • 6. Bammigatti P H. Generic WA-RBAC: role based access control model for web applications[C]. Proceedings of the 9th International Conference on Information Technology. Bhubaneswar, India: IEEE Computer Society, 2006: 237-240.
  • 7. Takabi H, Amini M, Jalili R. Enhancing role-based access control model through fuzzy relations[C]. Proceedings of the Third International Symposium on Information Assurance and Security. Manchester, UK: IEEE Computer Society, 2007: 131-136.
  • 8. ZHANG Dong-wen, PEI Xing, QIU Ji-Qing, et al. A delegation model for time constraints-based TRBAC[C]. Proceedings of the Eighth International Conference on Machine Learning and Cybernetics. Baoding, China: IEEE Press, 2009: 2027-2032.
  • 9. Ardagna C, Cremonini M, Damiani E, et al. Supporting location-based conditions in access control policies[C]. Proceedings of the ACM Symposium on Information, Computer and Communications Security. Taipei, Taiwan: ACM Press, 2006: 212-222.
  • 10. Damiani M, Bertino E, Catania B. GEO-RBAC: a spatially aware RBAC[J]. ACM Transactions on Information and System Security, 2007, 10(1): 1-42.

Citing literature (6)

Secondary citing literature (133)
