期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

具有角色特性的UCON属性管理研究 被引量:5

Research of attributes management of UCON with role properties
下载PDF
导出
摘要 属性作为UCON模型的核心元素,缺乏灵活简洁的管理机制。针对该问题,通过分析核心UCON模型属性的特征,提出了一种具有角色特性的属性管理结构(MASUR)。该结构依据创建属性的能力将主体划分为系统管理主体、属主主体和一般主体,扩展了核心UCON模型的中心化管理方式,具备了区分各主体的职责能力;然后将属性分为系统属性、自主属性和受控属性,提出属主的概念,明确地限定属性的更新主体;最后借鉴成熟的RBAC成果,引入属性角色与操作角色,以适用于现代大规模系统的属性分类和管理。MASUR为现代系统提供了一种对属性更宽泛、更细粒度的灵活控制方法。 Attributes as the core element of UCON model, are short of a brief and flexible administrative pattern. To solve this problem, this paper analyzed the properties of attributes of core UCON model and proposed a managed attributes structure of UCON model with role properties(MASUR). MASUR was sorted into system administrative subjects, owner subjects and ge- neral subjects by the ability of creating attributes. Thus, it expanded the centric-administration mode of core UCON model and owned the ability to clarify the duties of subjects. Moreover, MASUR had three attribute types:system attributes,discretionary attributes and other-controlled attributes, and gave a new concept" owner" to clearly restrict the subjects to updating attribute' s value. Considered the mature theory result of RBAC, the structure involved the attributes role and operator role, which was more convenient to the attributes classifies in modem large-scale systems. MASUR gave a wider and fine-grained flexible con- trolling attributes method in modern systems.
作者 蔡伟鸿 王高举 陈华华
机构地区 汕头大学计算机系
出处 《计算机应用研究》 CSCD 北大核心 2014年第5期1463-1466,共4页 Application Research of Computers
基金 广东省自然科学基金资助项目(S2011010004197) 广东高校工程技术研究中心建设项目(GCZX-A1306) 汕头市科技计划资助项目(2011-134-149) 汕头大学创新团队资助项目(ITC12001)
关键词 属性管理 属性角色 操作角色 属主 UCON MASUR attributes management attributes role operator role owner UCON MASUR
分类号 TP315 [自动化与计算机技术—计算机软件与理论] TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献14

  • 1JIN Xin,KRISHNAN R,SANDHU R.A unifed attribute-based access control model covering DAC MAC and RBAC[C]//Proc of the 26thIFIP WG 11.3 Annual Conference on Data and Applications Security and Privacy.Berlin:Springer-Verlag,2012:41-55.
  • 2PRETSCHNER A,HILTY M,BASIN D,et al.Mechanisms for usage control[C]//Proc of ACM Symposium on Information,Computer and Communications Security.New York:ACM Press,2008:240-244.
  • 3CHEN Dan-wei,HUANG Xiu-li,REN Xun-yi.Access control of cloud service based on UCON[C]//Proc of the 1st International Conference on Cloud Computing.Berlin:Springer-Verlag,2009:559-564.
  • 4FUCHS L,PERNUL G,SANDHU R.Roles in information security:a survey and classification of the research area[J].Computers and Security,2011,30(8):748-769.
  • 5KUHN D R,COYNE E J,WEIL T R.Adding attributes to role-based access control[J].Computer,2010,43(6):79-81.
  • 6HUANG Jing-wei,DAVID M N,BOBBA R,et al.A framework integrating attribute-based policies into RBAC[C]//Proc of the 17th ACM Symposium on Access Control Models and Technologies.New York:ACM Press,2012:187-196.
  • 7符湘萍,吴振强,杨蓓.一种基于可信度和属性的RBAC授权模型[J].计算机应用研究,2011,28(2):742-745. 被引量:4
  • 8BASIN D,HARVAN M,KLAEDTKE F,et al.Monitoring usage-control policies in distributed systems[C]//Proc of the 18th International Symposium on Temporal Representation and Reasoning.Berlin:Springer-Verlag,2011:88-95.
  • 9JIANG Ze-tao,HU Shuo,GAN Sheng-ke,et al.Research on an UCON model supporting distributed management[C]//Proc of IEEE International Conference on Information and Automation.2008:1520-1524.
  • 10熊智,徐江燕,王高举,李江,蔡伟鸿.基于角色和规则引擎的UCON应用模型[J].计算机工程与设计,2013,34(3):831-836. 被引量:4

二级参考文献25

  • 1刘宏月,阎军智,马建峰.基于可信度的细粒度RBAC访问控制模型框架[J].通信学报,2009,30(S1):51-57. 被引量:7
  • 2芮国荣,邢桂芬.基于角色和规则的访问控制[J].计算机应用,2005,25(4):864-866. 被引量:15
  • 3郑宇,何大可,梅其祥.支持可信计算的软件保护模型[J].西南交通大学学报,2006,41(1):63-67. 被引量:7
  • 4姚寒冰,胡和平,李瑞轩.上下文感知的动态访问控制模型[J].计算机工程与科学,2007,29(5):1-3. 被引量:6
  • 5Ravi Sandhu,Jaehong Park.Usage control:a vision for next generation access control[C]//Proceedings of the Seventh ACM Symposium on Access Control Models and Technologies.New York:ACM Press,2004:57-64.
  • 6Zhang X,Park J,Parisi-Presicce F,et al.A logical specification for usage control[C]//Proc.of the 9th ACM Symposium on Access Control Models and Technologies.New York,2004.
  • 7SANDHU R S, COYNE E J, FEINSTEIN H L, et al. Role-based access control models[J] .IEEE Computer, 1996,29(2):38-47 .
  • 8FERRAIOLO D F,SANDHU R,GUIRILA S,et al.Proposed NIST standard for role-based access control[J].ACM Trans on Information and System Security,2001,4(3):224-274.
  • 9CHAKRABORTY S,RAY I.TrustBAC:integrating trust relationships into the RBAC model for access control in open systems[C]//Proc of the 11th ACM Symposium on Access Control Models And Technologies.New York:ACM Press,2006:49-58.
  • 10SANDHU R, ZHANG Xin-wen. Peer-to-peer access control architecture using trusted computing technology[C]//Proc of the 10th ACM Symposium on Access Control Models and Technologies. New York:ACM Press, 2005:147-158.

共引文献7

同被引文献60

  • 1Casola V, Cuomo A, Rak M, et al. The CloudGrid approach:security analysis and performance evaluation[J] . Future Generation Computer Systems, 2013, 29(1):387-401.
  • 2Lewko A, Okamoto T, Sahai A, et al. Fully secure functional encryption:attribute-based encryption and (hierarchical) inner product encryption[C] //Advances in Cryptology-EUROCRYPT. Berlin:Springer, 2010:62-91.
  • 3Yang Xiaoyuan, Cai Weiyi, Wang Xuan. Efficient predicate encryption supporting construction of fine-grained searchable encryption[C] //Proc of the 5th International Conference on Intelligent Networking and Collaborative Systems. [S. l.] :IEEE Press, 2013:438-442.
  • 4Goyal V, Kumar V, Lokam S, et al. On black-box reductions between predicate encryption schemes[M] // Theory of Cryptography. Berlin:Springer, 2012:440-457.
  • 5Katz J, Sahai A, Waters B. Predicate encryption supporting disjunctions, polynomial equations, and inner products[J] . Journal of Cryptology, 2013, 26(2):191-224.
  • 6Li Ming, Yu Shucheng, Cao Ning, et al. Authorized private keyword search over encrypted data in cloud computing[C] //Proc of the 31st International Conference on Distributed Computing Systems. [S. l.] :IEEE Press, 2011:383-392.
  • 7Cao Ning, Wang Cong, Li Ming, et al. Privacy-preserving multi-keyword ranked search over encrypted cloud data[J] . IEEE Trans on Parallel and Distributed Systems, 2014, 25(1):222-233.
  • 8Zhu Benwen, Zhu Bo, Ren Kui. Peksrand:providing predicate privacy in public-key encryption with keyword search[C] //Proc of IEEE International Conference on Communications. [S. l.] :IEEE Press, 2011:1-6.
  • 9Blundo C, Iovino V, Persiano G. Predicate encryption with partial public keys[M] //Cryptology and Network Security. Berlin:Sprin-ger, 2010:298-313.
  • 10Yoshino M, Kunihiro N, Naganuma K, et al. Symmetric inner-pro-duct predicate encryption based on three groups[M] //Provable Security. Berlin:Springer, 2012:215-234.

引证文献5

二级引证文献9

计算机应用研究
2014年 第5期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部