摘要
针对基于Hadoop的遥感影像数据云存储平台存在的认证机制不完善、访问控制过于简单等安全问题,采用Kerberos认证结合令牌认证的身份认证机制,提出了基于用户属性与遥感影像数据属性的多维细粒度访问控制策略,达到了完善平台认证机制和增强平台访问控制的目的。实验结果证明,提出的身份认证机制和访问控制策略能有效增强遥感影像数据云存储平台的安全防护能力,且对平台性能影响很小。
For remote sensing image data cloud storage platform based on Hadoop existing security issues such as the imperfect authentication mechanism and the too simple access control,this paper adopted the authentication mechanism that combines with the Kerberos authentication and the token authentication,and designed the multidimensional fine-grained access control policy based on the user attributes and the remote sensing image data attributes. That improved the platform authentication mechanism and enhanced the capacity of the platform access control. Experimental result proves that the authentication mechanism and the access control policy presented can effectively enhance the security capacity of remote sensing image data cloud storage platform,and it has a little effect on the platform performance.
出处
《计算机应用研究》
CSCD
北大核心
2014年第12期3714-3718,共5页
Application Research of Computers
基金
国家自然科学基金资助项目(40976108)
国家"十二五"规划课题资助项目(201105033)
