期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

开放式环境下一种基于信任度的RBAC模型 被引量:8

An RBAC Model Based on Trust Degree in Open Environment
下载PDF
导出
摘要 在开放式环境中,用户和资源的高流动性会导致基于角色的访问控制(RBAC)模型在角色指派和权限控制方面异常复杂。为此,提出一种基于信任度的弹性RBAC模型。利用评价机制确定用户与资源间的直接信任度及资源之间的推荐信任度,综合2种信任度计算用户的信任度和资源的权威度,结合用户的访问记录,为用户分配合理的角色和权限,并采用加性增、乘性减算法动态调整实体的信任度,从而防止恶意行为。基于Query Cycle Simulator的实验结果证明,该模型可以保证评价的合理性和准确性。 In open environment,the user nodes and resource nodes are variable,and it is almost impossible to check their priorities to access different kind of resources in the system in which the traditional Role Based Access Control(RBAC) model is adapted.To simplify the access control and standardize security strategy in open system,a flexible RBAC model based on trust degree is proposed.It uses the evaluation between the user node and resource node to calculate they direct trust,and employs the evaluation among the resource nodes to get the recommended trust of the resource nodes.Using the two trust values,together with the session history of user nodes and resource nodes,the system assigns the roles as well as its corresponding priorities for the user node flexibly.It adopts the Additive-increase,Multiplicative-decrease(AIMD) algorithm,which is widely used in TCP congestion control algorithm,in the trust evaluation to punish the node with malicious behaviors.
作者 邓文洋 周洲仪 林思明 刘金刚
机构地区 中国科学院计算技术研究所 首都师范大学计算机联合研究院
出处 《计算机工程》 CAS CSCD 2013年第2期112-118,共7页 Computer Engineering
基金 国家自然科学基金资助项目(60903139 60933005)
关键词 开放式环境 访问控制 评价机制 信任度 权威度 基于角色的访问控制模型 open environment access control evaluation mechanism trust degree authority degree Role-based Access Control(RBAC) model
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献9

  • 1Sandhu R S,Samarati P. Access Control:Principle and Practice[J].IEEE Communications Magazine,1994,(09):40-48.
  • 2林庆国,刘宴兵.一种基于信任的动态访问控制策略[J].重庆邮电大学学报(自然科学版),2010,22(4):478-482. 被引量:9
  • 3Ferraiolo D,Sandhu R,Gacrila S. Proposed NIST Standard for Role-based Access Control[J].ACM Transactions on Information and System Security,2001,(03):224-274.
  • 4Li Ninghui,Mitchell N,Mitchell J. Design of a Role-based Trust-management Framework[A].IEEE Press,2002.114-130.
  • 5Chadwick D,Otenko A,Ball E. Role-based Access Control with X.509 Attribute Certificates[J].IEEE Internet Computing,2003,(02):62-69.
  • 6Bakar A A,Jais J. A Review on Extended Role Based Access Control(E-RBAC) Model in Pervasive Computing Environment[A].[S.l.]:IEEE Press,2009.533-535.
  • 7胜骤;谢式千;潘承毅.概率论与数理统计[M]北京:高等教育出版社,2008.
  • 8Kurose J F,Ross K W. Computer Networking:A Top-down Approach Featuring the Internet[M].[S.l.]:Pearson Education,Inc,2005.
  • 9Luo Junzhou,Ni Xudong. A Fuzzy Trust Evaluation Based Access Control in Grid Environment[A].Dunhuang,China:[s.n.],2008.23-26.

二级参考文献12

  • 1刘玉龙,曹元大.分布网络环境主观信任模型研究[J].北京理工大学学报,2005,25(6):504-508. 被引量:19
  • 2NIX D, LUO J Z. A Clustering Analysis Based Trust Model in Grid Environment Supporting Virtual Organizations [ C ]//AINAW'08. Washington, DC, USA : IEEE Computer Society, 2008 : 100-105.
  • 3LIU Y C. Trust - Based Access Control for Collaborative System[ C]//CCCM'08. Washington, DC, USA: IEEE Computer Society, 2008:444-448.
  • 4CHEN Y, LUO J Z, NIX D. A Fuzzy Trust Evaluation Based Access Control in Grid Environment [ C ]// ChinaGrid'08. Washington, DC, USA: IEEE Computer Society, 2008 : 190-196.
  • 5JIANG L, LIU J X. Research on Web Services Maiden Business Trust Metrics, Appraisal and Filtration Model [ C]//ICYCS'08. Washington, DC, USA: IEEE Computer Society, 2008:850-855.
  • 6NIX D, LUO J Z. A Trust Aware Access Control in Service Oriented Grid Environment [ C ]//GCC'07. Washington, DC, USA. IEEE Computer Society, 2007 : 417- 422.
  • 7ELAHI N, CHOWDHURY M, NOLL J. Semantic Access Control in Web Based Communities [ C ]//ICCGI'08. Washington, DC, USA: IEEE Computer Society, 2008: 131-136.
  • 8DONG X H, WU Z F. Research on Trust Evaluation Model of Grid Services[ C]//NAS'08. Washington, DC, USA : IEEE Computer Society, 2008:373-380.
  • 9NIX D, LUO J Z. A Trust Degree Based Access Control for Multi-domains in Grid Environment [ C ] // CSCWD'07. New York, NY, USA: Elsevier Science Inc. , 2007:864-869.
  • 10LEI H, SHOJA G C S. A Distributed Trust Model for e-Commerce Applications [ C ]/! Proceedings of the 2005 IEEE International Conference on e-Technology, e-Commerce and e-Service. Washington, DC, USA: IEEE Computer Society,2005 : 290-293.

共引文献8

同被引文献68

  • 1范小康,何连跃,王晓川,刘晓东,林彬,申彤,宋晓虹.一种基于RBAC模型的角色管理方法[J].计算机研究与发展,2012,49(S1):211-215. 被引量:19
  • 2唐杰,梁邦勇,李涓子,王克宏.语义Web中的本体自动映射[J].计算机学报,2006,29(11):1956-1976. 被引量:96
  • 3沈海波,洪帆.基于属性的授权和访问控制研究[J].计算机应用,2007,27(1):114-117. 被引量:16
  • 4Struts-menu源码分析[EB/OL].http://www.raibledesigns.com/struts-menu.2006-9-10.
  • 5Ferraiolo D F, Barkley J F, Kuhn D R.A role based access control model and reference implementation within a corporate intranet[J].ACM Transactions on Information and System Security,1999,2( 1):47-68.
  • 6Sandhu R, Coyne E J, Feinstein H L, et al.Role-based access control models[J].IEEE Computer, 1996, 29(2): 38-47.
  • 7Epstein P, Sandhu R.Towards a UML based approach to role engineering[C]//Proceedings of the 4th ACM Work- shop on Role-Based Access Control,Fairfax, 1999.
  • 8Youman C, Coyne E, Sandhu R.Proceedings of the 3rd ACM Workshop on Role-Based Access Control[C].[S.l.]: ACM, 1998:555-557.
  • 9Ferraiolo D F, Sandhu R, Gavrila S, et al.Proposed NIST standard for role-based access control[J].ACM Transac- tions on Information and System Security,2001,43 (3) : 224-274.
  • 10陈雄华.Acegi框架介绍[EB/OL].程序员大本营.(2007)http://blog.csdn.net/bio_go/archive/2008/07/28/2723350.aspx/.

引证文献8

二级引证文献8

计算机工程
2013年 第2期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部