一种基于用户评价值的动态访问控制模型

Dynamic access control model based on user evaluation value

针对购物网站中大量信誉等级不同的用户却拥有相同权限的问题,提出一种依据用户评价值进行动态访问控制的模型。该模型将RBAC中权限的授权与用户的评价值相结合,通过综合评估购物网站用户评价值,对角色的权限范围进行动态调整,从而达到动态访问控制的目的。通过应用该模型对一个实例进行分析的结果表明,该访问控制模型能够提高用户评价值的准确性,实现了相同角色不同权限的动态分配,增强了购物网站中资源的安全性和可靠性。

In consideration of the problem that a lot of different users of the shopping websites have the same permissions though they have different credit rating,a dynamic access control model based on the user evaluation value is proposed. Assess permission authorization in RBAC and user evaluation value are combined in this model. By comprehensive evaluation of user evaluation value for shopping website,the permission scope of user is adjusted dynamically to achieve dynamic access control. The result of analyzing an example by this model shows that this access control model can improve the accuracy of user evaluation value. By the model,the dynamic permission assignment for the same roles with different permission was realized,and safety and reliability of resources in shopping website were enhanced.