期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于风险的访问控制操作需求计算方法研究 被引量:2

Research on computing method of operational need in risk-based access control
下载PDF
导出
摘要 针对基于风险的访问控制中缺乏对操作需求详细分析与量化,在分析操作需求的基础上,提出了一种静态与动态相结合的操作需求计算方法。引入访问目的层次结构,提出目的森林的概念,并给出客体目的森林遍历算法,从而计算静态操作需求;统计客体的被访问历史,并基于EWMA给出动态操作需求的计算方法。在分析静态和动态操作需求关系的基础上,给出操作需求的计算方法。讨论和分析结果表明,该方法能够更为准确、动态地体现访问操作需求。 To the deficiency of the detailed analysis and quantification of the operational need in risk-based access control, on the basis of analyzing the operational need, an operational need quantification method combining static and dynamic is proposed. Firstly, purpose hierarchy is introduced, the concept of purpose forest is presented and the object purpose forest traversing algorithm is given, which in turn computed the static operational need. Secondly, the object^s history of being accessed is counted, and then based on the EWMA, the computing method of the dynamic operational need is put forward. Finally, on the basis of analyzing the relation between the static and dynamic operational need, the computing method of the operational need is given. The discussion and analysis shows that it can reflect the access operational need more accurately and dynamically.
作者 解文冲 杨英杰 汪永伟 代向东
机构地区 解放军信息工程大学 河南省信息安全重点实验室
出处 《计算机工程与设计》 CSCD 北大核心 2013年第7期2281-2285,共5页 Computer Engineering and Design
基金 国家973重点基础研究发展计划基金项目(2011CB311901) 国家863高技术研究发展计划基金项目(2012AA012704) 河南省科技创新人才计划基金项目(114200510001)
关键词 访问控制 文件保护 操作需求 目的层次结构 指数加权移动平均 access control file protection operational need purpose hierarchy EWMA (exponentially weighted moving ave-rage)
分类号 TP309.2 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献11

  • 1Riaz Ahmed Shaikh, Kamel Adi, Luigi Logrippo. Dynamic risk-based decision methods for access control systems [J]. Computers & Security, 2012, 31 (4): 447-464.
  • 2Ahmed AL Faresi. Risk-based models for managing data privacy in healthcare [D]. USA: ProQuest Dissertations and Theses, 2011.
  • 3McGraw R. Risk-adaptable access control RADAC [R]. Privilege (Access) Management Workshop. NIST-National Institute of Standards and Technology-Information Technology Laboratory; 2009.
  • 4Cheng Pau-Chen, Pankaj Rohatgi, Claudia Keser. Fuzzy MLS.. An experiment on quantified risk-adaptive access control [C] //Oakland, California, USA: IEEE Symposium on Security and Privacy, 2007.
  • 5Ni Q, Bertino E, Lobo J. Risk-based access control systems built on fuzzy inferences [C] //NY, USA: Proceedings of the 5th ACM Symposium on Information, 2010.
  • 6Wang Q, Jin H. Quantified risk-adaptive access control for patient privacy protection in health information systems [C] // NY, USA: Proceedings of the 6th ACM Symposium on Information, 2011.
  • 7Li M, Sun X, Wang H, et al. Optimal privacy-aware path in hippocratic databases[J]. Database Systems for Advanced Applications, 2009, 5463: 441-455.
  • 8Massacci F. Hierarchical hippocratic databases with minimal disclosure for virtual organizations [J]. The International Journal on Very Large Data Bases, 2006, 15 (4): 370-387.
  • 9刘逸敏,周浩峰,王智慧,汪卫.Purpose融合:基于风险purpose的隐私查询访问控制[J].计算机学报,2010,33(8):1339-1348. 被引量:4
  • 10杨智,金舒原,段毅,方滨兴.多级安全中敏感标记的最优化挖掘[J].软件学报,2011,22(5):1020-1030. 被引量:6

二级参考文献25

  • 1李益发,沈昌祥.一种新的操作系统安全模型[J].中国科学(E辑),2006,36(4):347-356. 被引量:20
  • 2武延军,梁洪亮,赵琛.一个支持可信主体特权最小化的多级安全模型[J].软件学报,2007,18(3):730-738. 被引量:14
  • 3Lorrie F C,Lawrence L.Web Privacy with P3P.O′Reilly Media,Incorporated,2002.
  • 4OECD.Report on the cross-border enforcement of privacy laws.Oecd/Ocde 2006,2006.
  • 5Kabir M E,Wang H.Conditional purpose based access control model for privacy protection//Proceedings of the 20th Australasian Database Conference (ADC2009).Wellington,New Zealand,2009:137-144.
  • 6Agrawal R,Kiernan J,Srikant R,Xu Y.Hippocratic databases// Proceedings of the 28th International Conference on Very Large Data Bases(VLDB'02).Hong Kong,China,2002:143-154.
  • 7Byun J W,Bertino E,Lui N.Purpose-based access control for privacy protection in relational database systems.Purdue University,CERIAS Technical Report 2004-52,2004.
  • 8Byun J-W et al.Purpose based access control of complex data for privacy protection//Proceedings of the 10th ACM Symposium on Access Control Models and Technologies(SACMAT'05).Stockholm,Sweden,2005,102-110.
  • 9LeFevre K,Agrawal R,Ercegovac V.Limiting disclosure in hippocratic databases//Proceedings of the 30th International Conference on Very Large Data Bases(VLDB'04).Toronto,Canada,2004,30:108-119.
  • 10Editorial.Some issues in privacy data management.Data & Knowledge Engineering,2007,63(3):591-596.

共引文献8

同被引文献26

  • 1http://gd.qq.com/a/20150316/021748.htm[EB/OL].
  • 2http://www.ehnrailway.com/html/20150317/867407.shtml[EB/OL].
  • 3http://news.ifeng.com/a/20150121/4298523 l_0.shtml[EB/OL].
  • 4http://www.eweek.com/c/a/Health-Care-IT/Utah-Health-Care-Data- Breach-Exposed-About-780000-Patient-Files- 189084[EB/OL].
  • 5SANDHU R. The future of access control: attributes, automation, and adaptation[A]. Computational Intelligence, Cyber Security and Com- putational Models[C]. 2014.45-45.
  • 6SANDHU R, PIERANGELA S. Access control: principle and practice [J]. Communications Magazine, 1994, 32(9): 40-48.
  • 7GRAHAM G S, DENNING P J. Protection: principles and practice [A]. Proceedings of the Conference[C].ACM, 1972.417-429,.
  • 8HARRISON M A, RUZZO W L, ULLMANJ D. Protection in operat- ing systems[J]. Communications of the ACM, 1976, 19(8): 461-471.
  • 9SANDHU R, COYNE E, FEINSTEIN H, et al. Role-based access control models [J]. Computer, 1996, 29(2):38-47.
  • 10JASONPROGRAMOFFICE. Horizontal Integration: Broader Access Models for Realizing Information Dominance[R]. The MITRE Cor- poration 2004.

引证文献2

二级引证文献25

计算机工程与设计
2013年 第7期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部