摘要
为应对当前访问控制动态变化、策略合约安全性以及策略检索效率的需求,以属性访问控制模型(ABAC)为基础,提出一种基于区块链和策略分级访问控制模型BP-ABAC。结合ABAC和区块链技术,使访问控制策略通过智能合约的方式储存在区块链,合约中对访问控制策略进行策略分级;用户根据等级评估获得相应策略集的访问权限;当请求属性和策略集中的策略相匹配时,获得访问资源权限。实验结果表明,该模型实现了对不同用户访问权限控制和提高访问控制的效率与灵活性,加强了访问控制策略的安全性和隐私性。
To meet the current access control dynamic changes,policy contract security and policy retrieval efficiency requirements,on the basis of attribute access control model(ABAC),a hierarchical access control model based on block chain and policy was proposed,namely BP-ABAC.Combined with ABAC and block chain technology,the access control strategy was stored in the block chain by intelligent contract.The user obtained the access rights of the corresponding policy set according to the level evaluation.Access resource permissions were obtained when the request attribute matched the policy in the policy set.Experimental results show that the proposed model can control access rights of different users and improve the efficiency and flexibility of access control,and enhance the security and privacy of access control policies.
作者
王静宇
杨力
WANG Jing-yu;YANG Li(School of Information Engineering,Inner Mongolia University of Science and Technology,Baotou 014010,China)
出处
《计算机工程与设计》
北大核心
2022年第5期1232-1239,共8页
Computer Engineering and Design
基金
国家自然科学基金项目(61662056)
内蒙古自然科学基金项目(2020MS06009)。
关键词
区块链
智能合约
访问控制
策略分级
等级评估
block chain
smart contract
access control
policy classification
level evaluation
