MTBAC： A Mutual Trust Based Access Control Model in Cloud Computing 被引量：12

MTBAC： A Mutual Trust Based Access Control Model in Cloud Computing

下载PDF

导出

摘要 As a new computing mode,cloud computing can provide users with virtualized and scalable web services,which faced with serious security challenges,however.Access control is one of the most important measures to ensure the security of cloud computing.But applying traditional access control model into the Cloud directly could not solve the uncertainty and vulnerability caused by the open conditions of cloud computing.In cloud computing environment,only when the security and reliability of both interaction parties are ensured,data security can be effectively guaranteed during interactions between users and the Cloud.Therefore,building a mutual trust relationship between users and cloud platform is the key to implement new kinds of access control method in cloud computing environment.Combining with Trust Management(TM),a mutual trust based access control(MTBAC) model is proposed in this paper.MTBAC model take both user's behavior trust and cloud services node's credibility into consideration.Trust relationships between users and cloud service nodes are established by mutual trust mechanism.Security problems of access control are solved by implementing MTBAC model into cloud computing environment.Simulation experiments show that MTBAC model can guarantee the interaction between users and cloud service nodes. As a new computing mode, cloud computing can provide users with virtualized and scalable web services, which faced with serious security challenges, however. Access control is one of the most important measures to ensure the security of cloud computing. But applying traditional access control model into the Cloud directly could not solve the uncertainty and vulnerability caused by the open conditions of cloud computing. In cloud computing environment, only when the security and reliability of both interaction parties are ensured, data security can be effectively guaranteed during interactions between users and the Cloud. Therefore, building a mutual trust relationship between users and cloud platform is the key to implement new kinds of access control method in cloud computing environment. Combining with Trust Management（TM）, a mutual trust based access control （MTBAC） model is proposed in this paper. MTBAC model take both user＇s behavior trust and cloud services node＇s credibility into consideration. Trust relationships between users and cloud service nodes are established by mutual trust mechanism. Security problems of access control are solved by implementing MTBAC model into cloud computing environment. Simulation experiments show that MTBAC model can guarantee the interaction between users and cloud service nodes.

作者 LIN Guoyuan WANG Danru BIE Yuyu LEI Min

机构地区 School of Computer Science and Technology State Key Laboratory for Novel Software Technology Information Security Center

出处《China Communications》 SCIE CSCD 2014年第4期154-162,共9页 中国通信（英文版）

基金 ACKNOWLEDGEMENT This paper is supported by the Opening Project of State Key Laboratory for Novel Software Technology of Nanjing University, China （Grant No.KFKT2012B25） and National Science Foundation of China （Grant No.61303263）.

关键词 cloud computing access control trust model mutual trust mechanism MTBAC 访问控制模型计算模式信任关系安全性问题基础计算环境服务节点 Web服务

分类号 TP309 [自动化与计算机技术—计算机系统结构] TP393 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献2

1WANG Wei,ZENG GuoSun.Trusted dynamic level scheduling based on Bayes trust model[J].Science in China(Series F),2007,50(3):456-469. 被引量：14
2林果园,贺珊,黄皓,吴吉义,陈伟.基于行为的云计算访问控制安全模型[J].通信学报,2012,33(3):59-66. 被引量：69

二级参考文献14

1梁彬,孙玉芳,石文昌,孙波.一种改进的以基于角色的访问控制实施BLP模型及其变种的方法[J].计算机学报,2004,27(5):636-644. 被引量：30
2李益发,沈昌祥.一种新的操作系统安全模型[J].中国科学（E辑）,2006,36(4):347-356. 被引量：20
3袁禄来,曾国荪,姜黎立,蒋昌俊.网格环境下基于信任模型的动态级调度[J].计算机学报,2006,29(7):1217-1224. 被引量：53
4MILLER M.Cloud Computing:Web-Based Applications ThatChange the Way You Work and Collaborate Online[M].Que PrintPublication,2008.
5SIRISHA A,GEETHAKUMARI G.API access control in cloud usingthe role based access control model[A].Trendz in Information Sci-ences and Computing-TISC2010[C].2010.
6LI D,LIU C,WEI Q,et al.RBAC-Based access control for SaaSsystems[A].2010 2nd International Conference on Information Engi-neering and Computer Science(ICIECS)[C].2010.
7XUE J,ZHANG J J.A brief survey on the security model of cloudcomputing[A].2010 Ninth International Symposium on DistributedComputing and Applications to Business Engineering and Science(DCABES)[C].2010.
8Nat’l Computer Security Center.Trusted network interpretation of thetrusted computer system evaluation criteria[A].NCSC-TG2005[C].1987.
9BELL D E,LAPADULA L J.Secure Computer Systems:Mathemati-cal Foundations[R].The MITRE Corporation,Bedford,Massachus-setts,1973.
10LIN T,BELL Y,AXIOMS L.A“new”paradigm for an“old”model[A].Proc 1992 ACM SIGSAC New Security Paradigms Work-shop[C].1992.

共引文献81

1宁玉梅,丁振国,曾平,王晨.基于双重身份认证的云计算访问控制模型[J].华中科技大学学报（自然科学版）,2012,40(S1):288-292. 被引量：4
2王伟,曾国荪.基于Bayes认知信任模型的MANETs自聚集算法[J].中国科学：信息科学,2010,40(2):228-239. 被引量：4
3常玲霞,王凤英.云环境下的CRUAC访问控制模型[J].微电子学与计算机,2015,32(1):131-135. 被引量：1
4马礼,郑纬民.网格环境下的信任机制研究综述[J].小型微型计算机系统,2008,29(5):825-830. 被引量：9
5马礼,郑纬民.信息网格环境下的综合信任度评价模型[J].清华大学学报（自然科学版）,2009(4):599-603. 被引量：15
6WANG Wei1,2,3 & ZENG GuoSun1,2,31Department of Computer Science & Technology, Tongji University, Shanghai 200092, China,2Tongji Branch, National Engineering & Technology Center of High Performance Computer, Shanghai 200092, China 3Key Loboratory of Embedded System and Service Computing, Ministry of Education, Shanghai 200092, China.Bayesian cognitive trust model based self-clustering algorithm for MANETs[J].Science China(Information Sciences),2010,53(3):494-505. 被引量：6
7刘志都,贾松浩,杨彩.一种改进的网格信任模型[J].海军工程大学学报,2010,22(4):45-48. 被引量：1
8牟晓艳,石磊.基于教育资源网格的信任模型研究[J].信息技术与信息化,2011(1):16-18.
9王巍,罗军舟,宋爱波.一种具有GQoP保证的网格QoS自适应调度算法[J].计算机研究与发展,2011,48(7):1168-1177. 被引量：2
10瞿师,吴玲达,魏迎梅,李松,冯晓萌.基于统计学习的逆向运动学实现方法[J].系统工程与电子技术,2011,33(8):1891-1895.

同被引文献55

1刘伟,蔡嘉勇,贺也平.一种基于信任度的自组安全互操作方法[J].软件学报,2007,18(8):1958-1967. 被引量：10
2武少杰.云计算下虚拟环境安全的关键技术研究[D].郑州:解放军信息工程大学,2012.
3LIN Guoyuan, BIE Yuyu, LEI Min, et al. ACO-BTM A Behavior Trust Model in Cloud Computing Environment [J]. International Journal of Computational Intelligence Systems, 2014, 7(4):785-795.
4BELL D E, PADULA L J L. Unified Exposition and Multics Interpretation[R]. USA: Secure Computer System. MTR 2997 Rev 1, 1976.
5Biba K J. Integrity Consideratiom for Secure Computer Systems[R]. USA: US Air Force Electronic System Division, Technical Report. MTR 3153, 1977.
6MYERS A C, LISKOV B. Protecting Privacy Using the Decentralized Label Model [J]. ACM Transactiom on Computer Systems, 2000, 9(4):410-442.
7SHI Q, ZHANG N. An effective model for composition of secure systems [J]. The Journal of Systems and Software, 1998, 43 (3) :233-244.
8LU W P, SUNDARESHAN M K. A model for multilevel security in computer networks [J]. IEEE Transactions on Software Engineering, 1990, 16(6): 647-659.
9LEVIN TE, IRVINE CE, NGUYEN TD. Least Privilege in Separation Kernels [C]//IEEE. Proceedings of the IEEE International Conference on Security and Cryptography. Piscataway, NJ: IEEE Press, 2006: 355-362.
10RUSHBY J. Noninterference, Transitivity, and Channel-control Security Policies[R]. Menlo Park: Stanford Research Institute, CSL-92-02, 1992.

引证文献12

1郑周,张大军,李运发.云计算中面向数据存储的安全访问控制机制[J].信息网络安全,2015(9):221-226. 被引量：20
2周娜,林果园,李正奎.云计算中基于无干扰理论的多级安全模型[J].信息网络安全,2015(12):21-27. 被引量：5
3常亚楠,张志勇,韩林茜.一种可信接入云安全协议[J].微电子学与计算机,2016,33(2):34-38. 被引量：2
4李由由,郭海儒,彭维平,宋成.基于信任度属性的访问控制策略合成[J].计算机应用研究,2016,33(7):2175-2180. 被引量：7
5Jie Zhu,Guoyuan Lin,Fucheng You,Huaqun Liu,Chunru Zhou.Multiway Dynamic Trust Chain Model on Virtual Machine for Cloud Computing[J].China Communications,2016,13(7):83-91. 被引量：1
6孔功胜.云计算安全认证与可信接入协议研究进展[J].河南大学学报（自然科学版）,2017,47(1):62-72. 被引量：6
7Aijuan Zhang,Cheng Ji,Yu Bao,Xin Li.Conflict Analysis and Detection Based on Model Checking for Spatial Access Control Policy[J].Tsinghua Science and Technology,2017,22(5):478-488.
8赵勇,高彦杰.影响IEEE 1588时钟同步精度的关键因素[J].上海电力学院学报,2017,33(6):581-585. 被引量：2
9邢旭亮,田秀霞.一种新颖的基于信誉的动态访问控制模型[J].上海电力学院学报,2017,33(6):591-596.
10Guoyuan Lin,Bowen Liu,Pengcheng Xiao,Min Lei,Wei Bi.Phishing Detection with Image Retrieval Based on Improved Texton Correlation Descriptor[J].Computers, Materials & Continua,2018(12):533-547. 被引量：2

二级引证文献50

1陶政,胡俊,吴欢,杨静.云租户虚拟机主动可信验证机制的研究与应用[J].信息网络安全,2015(11):21-26. 被引量：1
2周娜,林果园,李正奎.云计算中基于无干扰理论的多级安全模型[J].信息网络安全,2015(12):21-27. 被引量：5
3吴继康,于徐红,王虹.基于第三方可信平台的混合云安全存储系统构建[J].信息网络安全,2015(12):28-33. 被引量：4
4郎为民,陈凯.一种基于映射版本表格的动态多副本可证明数据持有方案研究[J].信息网络安全,2016(1):18-23.
5王媛媛,吕晓丹,胡琪,吴鸿川.基于HBase的RDF数据存储方案研究与设计[J].信息网络安全,2016(3):59-63. 被引量：5
6刘莎,楚传仁.基于文件等级的Ceph数据冗余存储策略的研究[J].信息网络安全,2016(4):50-54. 被引量：7
7范运东,吴晓平,石雄.基于信任值评估的云计算访问控制模型研究[J].信息网络安全,2016(7):71-77. 被引量：11
8邵剑雨,陈福臻,秦鹏宇,程久军.移动互联网环境下基于动态信任值的访问控制方法研究[J].信息网络安全,2016(8):46-53. 被引量：6
9吴继康,于徐红.混合云环境中多用户数据共享问题研究[J].计算机应用研究,2016,33(11):3435-3441. 被引量：8
10李殿伟,范运东.基于IBE机制的云文档安全存储管理系统设计与实现[J].信息网络安全,2016(12):1-7. 被引量：3

1陆虹,夏天.The Research of Role Tree-Based Access Control Model[J].Journal of Donghua University(English Edition),2010,27(2):274-276.
2LI Fenghua,WANG Wei,MA Jianfeng,Sang JaeMoon.Action-Based Access Control Modelt[J].Chinese Journal of Electronics,2008,17(3):396-401. 被引量：7
3刘武,段海新,张洪,任萍,吴建平.TRBAC:基于信任的访问控制模型[J].计算机研究与发展,2011,48(8):1414-1420. 被引量：30
4洪帆,冯学斌,黄志,郑明辉.Integrity Based Access Control Model for Multilevel XML Document[J].Journal of Southwest Jiaotong University(English Edition),2008,16(2):109-114.
5YANG HUI.The 13th Five-Year Plan Consolidates Mutual Trust in China-U.S. Trade and Economic Relations[J].China Today,2016,65(5):38-41.
6Yan Danfeng,Sun Jing,Zhang Liying,Yang Fangchun.Trust-Compensation-Based Access Control Model for Web Services[J].China Communications,2012,9(12):8-21. 被引量：1
7冯毅,王亚弟,韩继红.一种扩展的基于角色的工作流访问控制模型[J].计算机应用与软件,2008,25(6):262-264. 被引量：1
8Mutual Trust and Multilateral Approach Vital for Success[J].China International Business,2013(6):24-31.
9崔玉松,沈文轩,张林,王宇.基于角色的工作流访问控制模型[J].辽宁科技大学学报,2006,30(5):484-489.
10Yuan Feng.Multilateralism and the Realization of the Chinese Dream： A Possible Way to Nurture Mutual Trust[J].Fudan Journal of the Humanities and Social Sciences,2015,8(4):553-569.

China Communications

2014年第4期

浏览历史

内容加载中请稍等...