摘要
在信息技术高速发展的今天,作为存储数据最有效的工具,数据库存储了大量与用户个人隐私相关的数据。由于每个人对于隐私信息的保护程度不同,传统数据库访问控制无法保证隐私数据的安全,从而产生了基于目的的访问控制模型。现有的基于目的访问控制模型主要针对数据与允许目的的动态绑定方式进行研究,考虑用户与访问目的的动态分配的研究较少。在过去研究的基础上,提出了一种基于目的和上下文的访问控制模型,模型使用规则推理机制,以用户的上下文信息作为规则触发条件,动态地为用户分配访问目的。实验结果表明,该模型不仅弥补了现有模型的缺点,而且能够高效地控制用户对数据库中隐私数据的访问行为。
With the rapid development of information technology today, as the most effective storage data tool, the database stores a large number of data related to users privacy. But the traditional database access control model cannot guarantee the security of personal privacy data due to the different degrees of protection for the privacy information between different people. This gives birth to the emergence of purpose based access control model. Existing models concentrate on binding the data with intend purpose dynamically, but rarely concern about the distribution between users and access purpose. On the basis of previous studies, this paper proposes a purpose and context based access control model, which uses the rule reasoning mechanism and takes the context information of users as the trigger condition. In this way, the access purpose can be distributes to user dynamically. The experiment shows that, the new model not only makes up the shortcomings of existing models, but also controls the access behavior from user to database efficiently.
出处
《计算机科学与探索》
CSCD
北大核心
2016年第9期1229-1239,共11页
Journal of Frontiers of Computer Science and Technology
基金
国家自然科学基金Nos.61373015
61300052
41301047
江苏高校优势学科建设工程资助项目~~
