期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

具有特征判断能力的使用控制模型研究 被引量:3

Usage Control Model with the Ability of Character Judging
下载PDF
导出
摘要 传统访问控制的研究重点是授权策略,关注的是如何为主体分配权限以及如何限制主体使用分配得到的权限。目前绝大多数访问控制策略仍无法识别与控制具有访问权限的非法用户。在分析传统访问控制策略不足的基础上,提出了一种基于UCON的具有访问特征判断能力的使用控制模型——C-UCON。该模型通过在UCON的基础上引入既定义务、待定义务、即定条件、待定条件以及特征和激活规则来对访问进行主观判断,从而降低或者排除具有访问权限的非法用户所带来的安全威胁。 The emphases of traditional access control studying is the policy of authorization, the studying is focus on how to distribute permissions to subject and how to restrict the using of these permissions. Based on the analysis of traditional access control,we introduced a new mode, C_UCON, which is based on the UCON and has the ability to judge the character of accessing. By introducing assure obligations, unsure obligations, assure conditions, unsure conditions, characters and active rules, the C UCON has the ability to judge accessing subjectively, thereby reduce or exclude those threats from the illegal users who has permission.
作者 石伟丞 谭良 周明天
机构地区 四川师范大学计算机学院 中国科学院计算技术研究所 电子科技大学计算机科学与工程学院
出处 《计算机科学》 CSCD 北大核心 2010年第6期86-90,96,共6页 Computer Science
基金 国家自然科学基金项目(60970113) 四川省科技厅项目(2008JY0105-2) 四川省教育厅项目(07ZA091) 实验室专项基金(2006ZD022)资助
关键词 信息安全 访问控制 使用控制 特征 Information security, Access control, Usage control, Character
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献6

二级参考文献67

  • 1徐震,李斓,冯登国.基于角色的受限委托模型[J].软件学报,2005,16(5):970-978. 被引量:52
  • 2Ferraiolo DF, Sandhu R, Gavrila S. Proposed NIST standard for role-based access control. ACM Transactions on Information and System Security, 2001,4(3):224-274.
  • 3Osbom S, Sandhu R. Configuring role-based access control to enforce mandatory and discretionary access control policies. ACM Transactions on Information and System Security, 2000,3(2):85-106.
  • 4AHN G-J, Sandhu R. Role-Based authorization constraints specification. ACM Transactions on Information and System Security, 2000,3(4):207-226.
  • 5Sandhu R. Issues in RBAC. In: Youman C, Sandhu R, Coyne E, eds. Proceedings of the 1st ACM Workshop on Role-based access control. ACM Press, 1996. 21-24.
  • 6Ferraiolo D, Kuhn R. Role based access control. In: Proceedings of the 15th National Computer Security Conference, National Institute of Standards and National Computer Security Center. 1992. 641-650.
  • 7董光宇 卿斯汉 刘克龙.带时间特性的角色授权约束.软件学报,2002,13(8):1521~1527[EB/OL].http://www.jos.org.cn/1000-9825/13/1521.pdf.,.
  • 8陈爱民,计算机的安全与保密,1992年
  • 9Xu Z, Feng DG, Li L, Chen H. UC-RBAC: A usage constrained role-base access control model. In: Qing SH, Gollmann D, Zhou JY, eds. Proc. of the 5th Int'l Conf. on Information and Communications Security. LNCS 2836, Heidelberg: Springer-Verlag, 2003.337-347.
  • 10Gasser M, McDermott E. An architecture for practical delegation in a distributed system. In: Cooper D, Lunt T, eds. Proc. of the1990 IEEE Computer Society Symp. on Research in Security and Privacy. Oakland: IEEE Computer Society Press, 1990. 20-30.

共引文献170

同被引文献39

  • 1郭亚军,李蓉.普适计算的访问控制研究[J].华中师范大学学报(自然科学版),2006,40(4):504-506. 被引量:2
  • 2姚寒冰,胡和平,李瑞轩.上下文感知的动态访问控制模型[J].计算机工程与科学,2007,29(5):1-3. 被引量:6
  • 3Stein S, Payne T, Jennings N. Flexible provisioning of web service workflows[J]. ACM Transactions on In- ternet Technology, 2008,9 (1) : 01-44.
  • 4Michael M, Christian W, Christoph M. Access control for cross-organizational Web service composition [J]. Journal of Information Assurance and Security, 2007,2(3) : 155-160.
  • 5Thomas R K, Sandhu R. Task-based authentication controls (TABC):A family of models for active and enterprise-oriented authentication management [DB/ OL]. [ 2010-01-06 ]//http : profsandhu. com/confrnc/ i fip/ i97tbac. pdf .
  • 6Sandhu R, Edward J, Feinsteink H, et al. Role based access control models[J]. IEEE Computer, 1996, 29 (2) :38-47.
  • 7Atluri V, Shin H, Vaidya J, et al. Efficient security pol- icy enforcement for the mobile environment[J]. Jour- nal of Computer Security, 2008,16(4) :439-475.
  • 8Wang Xin, Zhang Yanchun, Shi Hao, el al. BPEL4RBAC: An authorization specification for WS- BPEL[DB/OL]. [2010-02-01]. http:/ /www. springer- link. com/content/q2kj502mh4390574/ fulltext. pdf .
  • 9Park J, Sandhu R. The UCONABc usage control model [ J ]. ACM Transaction on Information and System Se- curity, 2004,7 ( 1 ) : 128-174.
  • 10Subashini S,Kavitha V. A survey on security issues in service delivery models of Web services computing[J]. Journal of Network and Computer Applications, 2011,34(1):1-11.

引证文献3

二级引证文献7

计算机科学
2010年 第6期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部