摘要
煤矿安监云数据的管控十分严格,访问权限的设计应满足分类分级和安全性方面的需求。目前煤矿安监云数据在安全管控维度存在分类分级不清晰及保密性不强等问题,且现有的云数据管控模型难以适应煤矿安监数据的安全需求。针对上述问题,设计了基于区块链的煤矿安监云数据安全访问模型,包括访问权限模型和访问控制模型。在分析煤矿安监云数据访问属性和访问对象的基础上设计了基于用户层级和数据属性的访问权限模型,实现了云数据分类分级管控和权限动态生成。依据区块链分布式实现、全程透明、防篡改等优势构建了访问控制模型,实现了分布式访问控制,利用智能合约保障访问控制安全,采用加密技术增强对权限信息的安全保护。对比分析结果表明:与常用的基于角色的访问控制(RBAC)模型和基于属性的权限验证(ABAC)模型相比,基于用户层级和数据属性的访问权限模型实现了对煤矿安监云数据更细粒度的访问权限划分,用户权限直观,权限生成规则简单,符合煤矿安监云数据的安全保障需要;与基于第三方的访问控制模型相比,基于区块链的访问控制模型利用智能合约进行访问控制,能够增强煤矿安监云数据的安全性,为云数据安全问题提供了新的解决思路,满足更多场景下数据安全访问的需求。
The management and control of coal mine safety supervision cloud data is very strict,and the design of access authority should satisfy the requirements of classification and security.At present,coal mine safety supervision cloud data has the problems of unclear classification and hierarchy and weak confidentiality in the security management and contrd dimension.And the existing cloud data management and control models are difficult to meet the security requirements of coal mine safety supervision data.In order to solve the above problems,the security access model of coal mine safety supervision cloud data based on blockchain is designed,including access authority model and access control model.Based on the analysis of the access attributes and access objects of coal mine safety supervision cloud data,an access authority model based on user hierarchy and data attributes is designed.The model realizes the classification and hierarchy management and control of cloud data and dynamic generation of authority.Based on the advantages of distributed realization,full transparency and tamper-proof of blockchain,the cloud data access control model is constructed.The model realizes distributed access control,ensures the security of access control by intelligent contract,and enhances the security protection of authority information by encryption technology.The comparative analysis results shows that compared with the common role-based access control(RBAC)model and attribute-based access control(ABAC)model,the access authority model based on user hierarchy and data attributes realizes the fine-grained access authority division for the coal mine safety supervision cloud data.The user authority is intuitive,the authority rules are simple to generate.The access authority model meets the security requirements of the coal mine safety supervision cloud data.Compared with the access control model based on the third party,the access control model based on the blockchain uses the intelligent contract for access control.The model can enhance the security of the coal mine safety supervision cloud data,provide a new solution for the cloud data security problem,and meets the needs of data security access in more scenarios.
作者
谭靓洁
李永飞
吴琼
TAN Liangjie;LI Yongfei;WU Qiong(School of Safety Engineering,North China Institute of Science and Technology,Sanhe 065201,China;School of Computer,North China Institute of Science and Technology,Sanhe 065201,China)
出处
《工矿自动化》
北大核心
2022年第5期93-99,共7页
Journal Of Mine Automation
基金
国家重点研发计划项目(2018YFC0808306)
河北省重点研发计划项目(19270318D)
河北省教育厅科学技术研究项目(Z2019044)
中央高校基本科研业务费资助项目(3142017067)。
关键词
煤矿安全信息化
煤矿安监数据
云数据
区块链
访问控制
权限管理
智能合约
coal mine safety informatization
coal mine safety supervision data
cloud data
blockchain
access control
authority management
intelligent contract
