Attribute-based Access Control Method Supporting Policies Ontology Reasoning (Cited by: 2)
Abstract: Attribute-based access control (ABAC) is particularly well suited to large-scale distributed networks. However, because of the heterogeneity of the network environment and the complexity of policy control, ABAC policy sets tend to be large and to lack unified semantics, which makes policy management complex and error-prone. To address these problems, this paper extends the existing XACML-based ABAC authorization framework with ontology consistency reasoning. First, it carries out a quantitative analysis of the performance of several major access control models in a distributed environment. Second, it determines the consistency of policies by checking the consistency of the ontology knowledge base. Finally, it designs an experimental scheme to verify the validity and correctness of the method.
Source: Computer Science (《计算机科学》), CSCD, Peking University Core Journal, 2015, Issue 3, pp. 96-101, 123 (7 pages)
Keywords: ABAC; Semantic Web; Ontology; XACML