期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

云计算中基于否定规则的访问控制技术的研究 被引量:5

RESEARCH ON DENY RULE-BASED ACCESS CONTROL TECHNOLOGY IN CLOUD COMPUTING
下载PDF
导出
摘要 数据的安全性和隐私保护给云计算领域带来了极大挑战,为实现合作企业间在云环境下公开共享部分数据且不涉及保密信息,提出一种基于否定规则的访问控制技术。主要思想是通过判断访问查询是否授权,检测授权与否定规则是否存在冲突,来达到阻止非法访问的目的。理论分析和实验结果表明该机制能有效地保障云数据的安全。 The security of data and the privacy protection bring huge challenges to cloud computing field. In order to implement part sha- ring of the data publicly among the cooperative enterprises in cloud environment without involving into confidential information, in this paper we provide an access control method which is based on negative rules. The main idea of the method is to detect whether the authorisation con- flicts with the negative rules through judging the authorisation of access and query so that to reach the goal of preventing the illegal accesses. Both the theoretical analysis and experimental results show that this mechanism can ensure the security of cloud data effectively.
作者 吴正学 戴牡红
机构地区 湖南大学信息科学与工程学院
出处 《计算机应用与软件》 CSCD 北大核心 2014年第1期30-33,72,共5页 Computer Applications and Software
基金 湖南省自然科学基金项目(2011FJ3034)
关键词 云计算 数据安全 访问控制 授权规则 否定规则 Cloud computing Data security Access control Authorisation rule Negative rule
分类号 TP392 [自动化与计算机技术—计算机应用技术]
  • 相关文献

参考文献11

  • 1Armbrust M,Fox A,Griffith R. Above the clouds:A berkeley view of cloud computing[OL].http://www.EECS.berkeley.edu/Pubs/TechRpts/2009/EECS-2009-28.pdf,2009.
  • 2Vimercati S,Foresti S,Jajodia S. Controlled information sharing in col-laborative distributed query processing[A].2008.303-310.
  • 3Agrawal R,Asonov D,Kantarcioglu M. Sovereign joins[A].2006.26.
  • 4冯登国,张敏,张妍,徐震.云计算安全研究[J].软件学报,2011,22(1):71-83. 被引量:1072
  • 5Cali A,Martineghi D. Querying data under access limitations[A].2008.50-59.
  • 6Florescu D,Levy A Y,Manolescu I. Query optimization in the presence of limited access patterns[A].1999.311-322.
  • 7Li C. Computing complete answers to queries in the presence of limited access patterns[J].{H}VLDB JOURNAL,2003,(03):211-227.
  • 8Bernstein P,Goodman N,Wong E. Query processing in a sys-tem for distributed databases (SDD-1)[J].ACM Transactions on Da-tabase Systems,1981,(04):602-625.
  • 9Aho A V,Beeri C,Ullman J D. The theory of joins in relational data-bases[J].ACMTransactions on Database Systems,1979,(03):297-314.
  • 10Kossmann D. The state of the art in distributed query processing[J].ACMComputing Surveys,2000,(04):422-469.

二级参考文献24

  • 1罗武庭.DJ—2可变矩形电子束曝光机的DMA驱动程序[J].LSI制造与测试,1989,10(4):20-26. 被引量:373
  • 2Organization for the Advancement of Structured Information Standards (OASIS) http://www.oasis-open.org/.
  • 3Distributed Management Task Force (DMTF) http://www.dmtf.org/home.
  • 4Cloud Security Alliance http://www.cloudsecurityalliance.org.
  • 5Crampton J, Martin K, Wild P. On key assignment for hierarchical access control. In: Guttan J, ed, Proc. of the 19th IEEE Computer Security Foundations Workshop--CSFW 2006. Venice: IEEE Computer Society Press, 2006. 5-7.
  • 6Damiani E, De S, Vimercati C, Foresti S, Jajodia S, Paraboschi S, Samarati P. An experimental evaluation of multi-key strategies for data outsourcing. In: Venter HS, Eloff MM, Labuschagne L, Eloff JHP, Solms RV, eds. New Approaches for Security, Privacy and Trust in Complex Environments, Proc. of the IFIP TC-11 22nd Int'l Information Security Conf. Sandton: Springer-Verlag, 2007. 395-396.
  • 7Bethencourt J, Sahai A, Waters B. Ciphertext-Policy attribute-based encryption. In: Shands D, ed. Proc. of the 2007 IEEE Symp. on Security and Privacy. Oakland: IEEE Computer Society, 2007. 321-334. [doi: 10.1109/SP.2007.11].
  • 8Yu S, Ren K, Lou W, Li J. Defending against key abuse attacks in KP-ABE enabled broadcast systems. In: Bao F, ed. Proc. of the 5th Int'l Conf. on Security and Privacy in Communication Networks. Singapore: Springer-Verlag, http://www.linkpdf.com/ ebook-viewer.php?url=http://www.ualr.edu/sxyul/file/SecureCommO9_AFKP_ABE.pdf.
  • 9Ibraimi L, Petkovic M, Nikova S, Hartel P, Jonker W. Ciphertext-Policy attribute-based threshold decryption with flexible delegation and revocation of user attributes. Technical Report, Centre for Telematics and Information Technology, University of Twente, 2009.
  • 10Roy S, Chuah M. Secure data retrieval based on ciphertext policy attribute-based encryption (CP-ABE) system for the DTNs. Technical Report, 2009.

共引文献1071

同被引文献71

引证文献5

二级引证文献24

计算机应用与软件
2014年 第1期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部