大数据风险访问控制研究进展

Research Progress on Risk Access Control

大数据访问控制是确保大数据数据安全与信息共享的重要技术之一,但由于传统的访问控制策略无法满足动态环境下访问信息的实时性与动态性,因此在访问控制中引入风险评估方法,以协调访问控制策略,提高访问控制在动态环境中的应用。鉴于此,文中对国内外风险访问控制研究的主要工作进行系统的回顾与总结,分析近年来最新研究成果。首先,分析总结了扩展到传统的访问控制模型和基于XACML框架的访问控制模型的风险访问控制,及其在不同环境中的应用;其次,对风险访问控制的技术与方法进行总结与分析,并且对风险自适应访问控制(Risk-Adaptable Access Control,RAdAC)进行分析与研究;最后,对未来大数据环境下风险访问控制的研究进行了展望,提出一些具有研究价值的问题。文中认为,在未来大数据访问控制研究技术中,基于风险的访问控制仍然是大数据访问控制的重要研究内容。

Big data access control is one of the important technologies to ensure the security and information sharing of big data.However,because the traditional access control strategy can not meet the real-time and dynamic access information in the dynamic environment,the risk assessment method is introduced in the access control to coordinate access control policies,improve the application of access control in dynamic environments.In view of this,this paper systematically reviews and summarizes the main work of risk access control research at home and abroad,and analyzes the latest research results in recent years.Firstly,the risk access control extended to the traditional access control model and its XACML framework-based access control model is analyzed and summarized,and the application in different environments is summarized.Secondly,the techniques and methods of risk access control are summarized and analyzed,the risk is self-contained,and Risk-Adaptive Access Control(RAdAC)is analyzed and researched.Finally,the future research on risk access control in big data environment is prospected,and some problems with research value are proposed.This paper argues that risk-based access control is still an important research content of access control in future big data access control research technology.