期刊文献+
共找到8,327篇文章
< 1 2 250 >
每页显示 20 50 100
Permission and role automatic assigning of user in role-based access control 被引量:4
1
作者 韩道军 卓汉逵 +1 位作者 夏兰亭 李磊 《Journal of Central South University》 SCIE EI CAS 2012年第4期1049-1056,共8页
Role mining and setup affect the usage of role-based access control(RBAC).Traditionally,user's role and permission assigning are manipulated by security administrator of system.However,the cost is expensive and th... Role mining and setup affect the usage of role-based access control(RBAC).Traditionally,user's role and permission assigning are manipulated by security administrator of system.However,the cost is expensive and the operating process is complex.A new role analyzing method was proposed by generating mappings and using them to provide recommendation for systems.The relation among sets of permissions,roles and users was explored by generating mappings,and the relation between sets of users and attributes was analyzed by means of the concept lattice model,generating a critical mapping between the attribute and permission sets,and making the meaning of the role natural and operational.Thus,a role is determined by permission set and user's attributes.The generated mappings were used to automatically assign permissions and roles to new users.Experimental results show that the proposed algorithm is effective and efficient. 展开更多
关键词 role-based access control ROLE permission assignment concept lattice
下载PDF
校园网中的Role-based Access Control模型设计 被引量:2
2
作者 王新月 《计算机与现代化》 2004年第3期54-57,共4页
介绍了如何将Role basedAccessControl(RBAC)模型应用于校园网的访问控制系统中。其特点是通过分配和取消角色来完成用户权限的授予和取消 ,并且提供了角色分配规则和操作检查规则。安全管理人员根据需要定义各种角色 ,并设置合适的访... 介绍了如何将Role basedAccessControl(RBAC)模型应用于校园网的访问控制系统中。其特点是通过分配和取消角色来完成用户权限的授予和取消 ,并且提供了角色分配规则和操作检查规则。安全管理人员根据需要定义各种角色 ,并设置合适的访问权限 ,而用户根据其责任和资历被指派为不同的角色。根据系统的实际需求 。 展开更多
关键词 校园网 role-based access control模型 设计 访问控制系统 角色分配规则
下载PDF
A distributed role-based access control model for multi-domain environments 被引量:1
3
作者 洪帆 朱贤 邢光林 《Journal of Shanghai University(English Edition)》 CAS 2006年第2期134-141,共8页
Access control in multi-domain environments is an important question in building coalition between domains. Based on the RBAC access control model and the concepts of secure domain, the role delegation and role mappin... Access control in multi-domain environments is an important question in building coalition between domains. Based on the RBAC access control model and the concepts of secure domain, the role delegation and role mapping are proposed, which support the third-party authorization. A distributed RBAC model is then presented. Finally implementation issues are discussed. 展开更多
关键词 role access control MULTI-DOMAIN DELEGATION mapping.
下载PDF
Consistency maintenance for constraint in role-based access control model 被引量:3
4
作者 韩伟力 陈刚 +1 位作者 尹建伟 董金祥 《Journal of Zhejiang University Science》 CSCD 2002年第3期292-297,共6页
Constraint is an important aspect of role based access control and is sometimes argued to be the principal motivation for role based access control (RBAC). But so far few authors have discussed consistency maintenan... Constraint is an important aspect of role based access control and is sometimes argued to be the principal motivation for role based access control (RBAC). But so far few authors have discussed consistency maintenance for constraint in RBAC model. Based on researches of constraints among roles and types of inconsistency among constraints, this paper introduces corresponding formal rules, rule based reasoning and corresponding methods to detect, avoid and resolve these inconsistencies. Finally, the paper introduces briefly the application of consistency maintenance in ZD PDM, an enterprise oriented product data management (PDM) system. 展开更多
关键词 Consistency maintenance Role based access control Product data management CONSTRAINT
下载PDF
A General Attribute and Rule Based Role-Based Access Control Model
5
作者 朱一群 李建华 张全海 《Journal of Shanghai Jiaotong university(Science)》 EI 2007年第6期719-724,共6页
Growing numbers of users and many access control policies which involve many different resource attributes in service-oriented environments bring various problems in protecting resource.This paper analyzes the relatio... Growing numbers of users and many access control policies which involve many different resource attributes in service-oriented environments bring various problems in protecting resource.This paper analyzes the relationships of resource attributes to user attributes in all policies, and propose a general attribute and rule based role-based access control(GAR-RBAC) model to meet the security needs. The model can dynamically assign users to roles via rules to meet the need of growing numbers of users. These rules use different attribute expression and permission as a part of authorization constraints, and are defined by analyzing relations of resource attributes to user attributes in many access policies that are defined by the enterprise. The model is a general access control model, and can support many access control policies, and also can be used to wider application for service. The paper also describes how to use the GAR-RBAC model in Web service environments. 展开更多
关键词 ATTRIBUTE RULE user-role ASSIGNMENT role-based access control(RBAC) access policy
下载PDF
A Cache Considering Role-Based Access Control and Trust in Privilege Management Infrastructure
6
作者 ZHANG Shaomin WANG Baoyi ZHOU Lihua 《Wuhan University Journal of Natural Sciences》 CAS 2006年第6期1827-1830,共4页
PMI (privilege management infrastructure) is used to perform access control to resource in an E-commerce or E-government system. With the ever-increasing need for secure transaction, the need for systems that offer ... PMI (privilege management infrastructure) is used to perform access control to resource in an E-commerce or E-government system. With the ever-increasing need for secure transaction, the need for systems that offer a wide variety of QoS (quality-of-service) features is also growing. In order to improve the QoS of PMI system, a cache based on RBAC (Role-based Access control) and trust is proposed. Our system is realized based on Web service. How to design the cache based on RBAC and trust in the access control model is deseribed in detail. The algorithm to query role permission in cache and to add records in cache is dealt with. The policy to update cache is introduced also. 展开更多
关键词 access control RBAC(role-based access controd TRUST CACHE PMI (privilege management infrastructure)
下载PDF
Centralized Role-Based Access Control for Federated Multi-Domain Environments
7
作者 YU Guangcan LU Zhengding +1 位作者 LI Ruixuan MUDAR Sarem 《Wuhan University Journal of Natural Sciences》 CAS 2006年第6期1688-1692,共5页
The secure interaction among multiple security domains is a major concern. In this paper, we highlight the issues of secure interoperability among multiple security domains operating under the widely accepted Role Bas... The secure interaction among multiple security domains is a major concern. In this paper, we highlight the issues of secure interoperability among multiple security domains operating under the widely accepted Role Based Access Control (RBAC) model. We propose a model called CRBAC that easily establishes a global policy for roles mapping among multiple security domains. Our model is based on an extension of the RBAC model. Also, multiple security domains were composed to one abstract security domain. Also roles in the multiple domains are translated to permissions of roles in the abstract security domain. These permissions keep theirs hierarchies. The roles in the abstract security domain implement roles mapping among the multiple security domains. Then, authorized users of any security domain can transparently access resources in the multiple domains. 展开更多
关键词 RBAC(role based access control federated MULTI-DOMAIN
下载PDF
Distributed Role-based Access Control for Coaliagion Application
8
作者 HONGFan ZHUXian XINGGuanglin 《Geo-Spatial Information Science》 2005年第2期138-143,共6页
Access control in multi-domain environments is one of the important questions of building coalition between domains. On the basis of RBAC access control model, the concepts of role delegation and role mapping are prop... Access control in multi-domain environments is one of the important questions of building coalition between domains. On the basis of RBAC access control model, the concepts of role delegation and role mapping are proposed, which support the third-party authorization. Then, a distributed RBAC model is presented. Finally the implementation issues are discussed. 展开更多
关键词 ROLE access control MULTI-DOMAIN DELEGATION MAPPING
下载PDF
Dynamically Authorized Role-Based Access Control for Grid Applications
9
作者 YAO Hanbing HU Heping LU Zhengding LI Ruixuan 《Geo-Spatial Information Science》 2006年第3期223-228,233,共7页
Grid computing is concerned with the sharing and coordinated use of diverse resources in distributed “virtual organizations”. The heterogeneous, dynamic and multi-domain nature of these environments makes challengin... Grid computing is concerned with the sharing and coordinated use of diverse resources in distributed “virtual organizations”. The heterogeneous, dynamic and multi-domain nature of these environments makes challenging security issues that demand new technical approaches. Despite the recent advances in access control approaches applicable to Grid computing, there remain issues that impede the development of effective access control models for Grid applications. Among them there are the lack of context-based models for access control, and reliance on identity or capability-based access control schemes. An access control scheme that resolve these issues is presented, and a dynamically authorized role-based access control (D-RBAC) model extending the RBAC with context constraints is proposed. The D-RABC mechanisms dynamically grant permissions to users based on a set of contextual information collected from the system and user’s environments, while retaining the advantages of RBAC model. The implementation architecture of D-RBAC for the Grid application is also described. 展开更多
关键词 Grid security RBAC context-based access control
下载PDF
A Blockchain-Based Access Control Scheme for Reputation Value Attributes of the Internet of Things 被引量:1
10
作者 Hongliang Tian Junyuan Tian 《Computers, Materials & Continua》 SCIE EI 2024年第1期1297-1310,共14页
The Internet of Things(IoT)access controlmechanism may encounter security issues such as single point of failure and data tampering.To address these issues,a blockchain-based IoT reputation value attribute access cont... The Internet of Things(IoT)access controlmechanism may encounter security issues such as single point of failure and data tampering.To address these issues,a blockchain-based IoT reputation value attribute access control scheme is proposed.Firstly,writing the reputation value as an attribute into the access control policy,and then deploying the access control policy in the smart contract of the blockchain system can enable the system to provide more fine-grained access control;Secondly,storing a large amount of resources fromthe Internet of Things in Inter Planetary File System(IPFS)to improve system throughput;Finally,map resource access operations to qualification tokens to improve the performance of the access control system.Complete simulation experiments based on the Hyperledger Fabric platform.Fromthe simulation experimental results,it can be seen that the access control system can achieve more fine-grained and dynamic access control while maintaining high throughput and low time delay,providing sufficient reliability and security for access control of IoT devices. 展开更多
关键词 Blockchain IOT access control Hyperledger Fabric
下载PDF
Blockchain-Enabled Privacy Protection and Access Control Scheme Towards Sensitive Digital Assets Management
11
作者 Duan Pengfei Ma Zhaofeng +2 位作者 Zhang Yuqing Wang Jingyu Luo Shoushan 《China Communications》 SCIE CSCD 2024年第7期224-236,共13页
With the growth of requirements for data sharing,a novel business model of digital assets trading has emerged that allows data owners to sell their data for monetary gain.In the distributed ledger of blockchain,howeve... With the growth of requirements for data sharing,a novel business model of digital assets trading has emerged that allows data owners to sell their data for monetary gain.In the distributed ledger of blockchain,however,the privacy of stakeholder's identity and the confidentiality of data content are threatened.Therefore,we proposed a blockchainenabled privacy-preserving and access control scheme to address the above problems.First,the multi-channel mechanism is introduced to provide the privacy protection of distributed ledger inside the channel and achieve coarse-grained access control to digital assets.Then,we use multi-authority attribute-based encryption(MAABE)algorithm to build a fine-grained access control model for data trading in a single channel and describe its instantiation in detail.Security analysis shows that the scheme has IND-CPA secure and can provide privacy protection and collusion resistance.Compared with other schemes,our solution has better performance in privacy protection and access control.The evaluation results demonstrate its effectiveness and practicability. 展开更多
关键词 access control data trading MAABE multi-channel privacy preserving
下载PDF
Cross-Domain Bilateral Access Control on Blockchain-Cloud Based Data Trading System
12
作者 Youngho Park Su Jin Shin Sang Uk Shin 《Computer Modeling in Engineering & Sciences》 SCIE EI 2024年第10期671-688,共18页
Data trading enables data owners and data requesters to sell and purchase data.With the emergence of blockchain technology,research on blockchain-based data trading systems is receiving a lot of attention.Particularly... Data trading enables data owners and data requesters to sell and purchase data.With the emergence of blockchain technology,research on blockchain-based data trading systems is receiving a lot of attention.Particularly,to reduce the on-chain storage cost,a novel paradigm of blockchain and cloud fusion has been widely considered as a promising data trading platform.Moreover,the fact that data can be used for commercial purposes will encourage users and organizations from various fields to participate in the data marketplace.In the data marketplace,it is a challenge how to trade the data securely outsourced to the external cloud in a way that restricts access to the data only to authorized users across multiple domains.In this paper,we propose a cross-domain bilateral access control protocol for blockchain-cloud based data trading systems.We consider a system model that consists of domain authorities,data senders,data receivers,a blockchain layer,and a cloud provider.The proposed protocol enables access control and source identification of the outsourced data by leveraging identity-based cryptographic techniques.In the proposed protocol,the outsourced data of the sender is encrypted under the target receiver’s identity,and the cloud provider performs policy-match verification on the authorization tags of the sender and receiver generated by the identity-based signature scheme.Therefore,data trading can be achieved only if the identities of the data sender and receiver simultaneously meet the policies specified by each other.To demonstrate efficiency,we evaluate the performance of the proposed protocol and compare it with existing studies. 展开更多
关键词 Bilateral access control blockchain data sharing policy-match
下载PDF
Big Data Access Control Mechanism Based on Two-Layer Permission Decision Structure
13
作者 Aodi Liu Na Wang +3 位作者 Xuehui Du Dibin Shan Xiangyu Wu Wenjuan Wang 《Computers, Materials & Continua》 SCIE EI 2024年第4期1705-1726,共22页
Big data resources are characterized by large scale, wide sources, and strong dynamics. Existing access controlmechanisms based on manual policy formulation by security experts suffer from drawbacks such as low policy... Big data resources are characterized by large scale, wide sources, and strong dynamics. Existing access controlmechanisms based on manual policy formulation by security experts suffer from drawbacks such as low policymanagement efficiency and difficulty in accurately describing the access control policy. To overcome theseproblems, this paper proposes a big data access control mechanism based on a two-layer permission decisionstructure. This mechanism extends the attribute-based access control (ABAC) model. Business attributes areintroduced in the ABAC model as business constraints between entities. The proposed mechanism implementsa two-layer permission decision structure composed of the inherent attributes of access control entities and thebusiness attributes, which constitute the general permission decision algorithm based on logical calculation andthe business permission decision algorithm based on a bi-directional long short-term memory (BiLSTM) neuralnetwork, respectively. The general permission decision algorithm is used to implement accurate policy decisions,while the business permission decision algorithm implements fuzzy decisions based on the business constraints.The BiLSTM neural network is used to calculate the similarity of the business attributes to realize intelligent,adaptive, and efficient access control permission decisions. Through the two-layer permission decision structure,the complex and diverse big data access control management requirements can be satisfied by considering thesecurity and availability of resources. Experimental results show that the proposed mechanism is effective andreliable. In summary, it can efficiently support the secure sharing of big data resources. 展开更多
关键词 Big data access control data security BiLSTM
下载PDF
Deep Learning Social Network Access Control Model Based on User Preferences
14
作者 Fangfang Shan Fuyang Li +3 位作者 Zhenyu Wang Peiyu Ji Mengyi Wang Huifang Sun 《Computer Modeling in Engineering & Sciences》 SCIE EI 2024年第7期1029-1044,共16页
A deep learning access controlmodel based on user preferences is proposed to address the issue of personal privacy leakage in social networks.Firstly,socialusers andsocialdata entities are extractedfromthe social netw... A deep learning access controlmodel based on user preferences is proposed to address the issue of personal privacy leakage in social networks.Firstly,socialusers andsocialdata entities are extractedfromthe social networkandused to construct homogeneous and heterogeneous graphs.Secondly,a graph neural networkmodel is designed based on user daily social behavior and daily social data to simulate the dissemination and changes of user social preferences and user personal preferences in the social network.Then,high-order neighbor nodes,hidden neighbor nodes,displayed neighbor nodes,and social data nodes are used to update user nodes to expand the depth and breadth of user preferences.Finally,a multi-layer attention network is used to classify user nodes in the homogeneous graph into two classes:allow access and deny access.The fine-grained access control problem in social networks is transformed into a node classification problem in a graph neural network.The model is validated using a dataset and compared with other methods without losing generality.The model improved accuracy by 2.18%compared to the baseline method GraphSAGE,and improved F1 score by 1.45%compared to the baseline method,verifying the effectiveness of the model. 展开更多
关键词 Graph neural networks user preferences access control social network
下载PDF
A Dual-Cluster-Head Based Medium Access Control for Large-Scale UAV Ad-Hoc Networks
15
作者 Zhao Xinru Wei Zhiqing +3 位作者 Zou Yingying Ma Hao Cui Yanpeng Feng Zhiyong 《China Communications》 SCIE CSCD 2024年第5期123-136,共14页
Unmanned Aerial Vehicle(UAV)ad hoc network has achieved significant growth for its flexibility,extensibility,and high deployability in recent years.The application of clustering scheme for UAV ad hoc network is impera... Unmanned Aerial Vehicle(UAV)ad hoc network has achieved significant growth for its flexibility,extensibility,and high deployability in recent years.The application of clustering scheme for UAV ad hoc network is imperative to enhance the performance of throughput and energy efficiency.In conventional clustering scheme,a single cluster head(CH)is always assigned in each cluster.However,this method has some weaknesses such as overload and premature death of CH when the number of UAVs increased.In order to solve this problem,we propose a dual-cluster-head based medium access control(DCHMAC)scheme for large-scale UAV networks.In DCHMAC,two CHs are elected to manage resource allocation and data forwarding cooperatively.Specifically,two CHs work on different channels.One of CH is used for intra-cluster communication and the other one is for inter-cluster communication.A Markov chain model is developed to analyse the throughput of the network.Simulation result shows that compared with FM-MAC(flying ad hoc networks multi-channel MAC,FM-MAC),DCHMAC improves the throughput by approximately 20%~50%and prolongs the network lifetime by approximately 40%. 展开更多
关键词 dual cluster head medium access control UAV swarm
下载PDF
Task-and-role-based access-control model for computational grid
16
作者 龙涛 《Journal of Chongqing University》 CAS 2007年第4期249-255,共7页
Access control in a grid environment is a challenging issue because the heterogeneous nature and independent administration of geographically dispersed resources in grid require access control to use fine-grained poli... Access control in a grid environment is a challenging issue because the heterogeneous nature and independent administration of geographically dispersed resources in grid require access control to use fine-grained policies. We established a task-and-role-based access-control model for computational grid (CG-TRBAC model), integrating the concepts of role-based access control (RBAC) and task-based access control (TBAC). In this model, condition restrictions are defined and concepts specifically tailored to Workflow Management System are simplified or omitted so that role assignment and security administration fit computational grid better than traditional models; permissions are mutable with the task status and system variables, and can be dynamically controlled. The CG-TRBAC model is proved flexible and extendible. It can implement different control policies. It embodies the security principle of least privilege and executes active dynamic authorization. A task attribute can be extended to satisfy different requirements in a real grid system. 展开更多
关键词 computational grid task-and-role-based access control grid security role assignment
下载PDF
Research and Realization of the Role-Based System Access Control Management 被引量:1
17
作者 蔡红 陈荣耀 令狐佳 《Journal of Donghua University(English Edition)》 EI CAS 2010年第2期267-269,共3页
The systematical structure of the role-based access control was analyzed,giving a full description of the definitions of user,user access,and the relation between post role and access. It puts forward a role-based acc... The systematical structure of the role-based access control was analyzed,giving a full description of the definitions of user,user access,and the relation between post role and access. It puts forward a role-based access control management which is relatively independent in the applied system. This management achieves the control on user's access by distribution and cancel of role-play,which is a better solution to the problems of the access control management for the applied system. Besides,a complete scheme for the realization of this access control was provided. 展开更多
关键词 access control user distribution
下载PDF
Blockchain-Empowered Token-Based Access Control System with User Reputation Evaluation 被引量:1
18
作者 Yuzheng Yang Zhe Tu +1 位作者 Ying Liu Huachun Zhou 《Computers, Materials & Continua》 SCIE EI 2023年第12期3163-3184,共22页
Currently,data security and privacy protection are becoming more and more important.Access control is a method of authorization for users through predefined policies.Token-based access control(TBAC)enhances the manage... Currently,data security and privacy protection are becoming more and more important.Access control is a method of authorization for users through predefined policies.Token-based access control(TBAC)enhances the manageability of authorization through the token.However,traditional access control policies lack the ability to dynamically adjust based on user access behavior.Incorporating user reputation evaluation into access control can provide valuable feedback to enhance system security and flexibility.As a result,this paper proposes a blockchain-empowered TBAC system and introduces a user reputation evaluation module to provide feedback on access control.The TBAC system divides the access control process into three stages:policy upload,token request,and resource request.The user reputation evaluation module evaluates the user’s token reputation and resource reputation for the token request and resource request stages of the TBAC system.The proposed system is implemented using the Hyperledger Fabric blockchain.The TBAC system is evaluated to prove that it has high processing performance.The user reputation evaluation model is proved to be more conservative and sensitive by comparative study with other methods.In addition,the security analysis shows that the TBAC system has a certain anti-attack ability and can maintain stable operation under the Distributed Denial of Service(DDoS)attack environment. 展开更多
关键词 access control reputation evaluation feedback blockchain
下载PDF
Attribute-based access control policy specification language 被引量:6
19
作者 叶春晓 钟将 冯永 《Journal of Southeast University(English Edition)》 EI CAS 2008年第3期260-263,共4页
This paper first introduces attribute expression to describe attribute-based access control policy.Secondly,an access control policy enforcement language named A-XACML (attribute-XACML)is proposed,which is an extens... This paper first introduces attribute expression to describe attribute-based access control policy.Secondly,an access control policy enforcement language named A-XACML (attribute-XACML)is proposed,which is an extension of XACML.A-XACML is used as a simple,flexible way to express and enforce access control policies,especially attribute-based access control policy,in a variety of environments.The language and schema support include data types,functions,and combining logic which allow simple and complex policies to be defined.Finally,a system architecture and application case of user-role assignment is given to show how attribute expressions and A-XACML work in access control policy description and enforcement.The case shows that attribute expression and A-XACML can describe and enforce the complex access control policy in a simple and flexible way. 展开更多
关键词 role-based access control POLICY XML XACML
下载PDF
EduASAC:A Blockchain-Based Education Archive Sharing and Access Control System
20
作者 Ronglei Hu Chuce He +4 位作者 Yaping Chi Xiaoyi Duan Xiaohong Fan Ping Xu Wenbin Gao 《Computers, Materials & Continua》 SCIE EI 2023年第12期3387-3422,共36页
In the education archive sharing system,when performing homomorphic ciphertext retrieval on the storage server,there are problems such as low security of shared data,confusing parameter management,and weak access cont... In the education archive sharing system,when performing homomorphic ciphertext retrieval on the storage server,there are problems such as low security of shared data,confusing parameter management,and weak access control.This paper proposes an Education Archives Sharing and Access Control(EduASAC)system to solve these problems.The system research goal is to realize the sharing of security parameters,the execution of access control,and the recording of system behaviors based on the blockchain network,ensuring the legitimacy of shared membership and the security of education archives.At the same time,the system can be combined with most homomorphic ciphertext retrieval schemes running on the storage server,making the homomorphic ciphertext retrieval mechanism controllable.This paper focuses on the blockchain access control framework and specifically designs smart contracts that conform to the business logic of the EduASAC system.The former adopts a dual-mode access control mechanism combining Discretionary Access Control(DAC)and Mandatory Access Control(MAC)and improves the tagging mode after user permission verification based on the Authentication and Authorization for Constrained Environments(ACE)authorization framework of Open Authorization(OAuth)2.0;the latter is used in the system to vote on nodes to join requests,define access control policies,execute permission verification processes,store,and share system parameters,and standardize the behavior of member nodes.Finally,the EduASAC system realizes the encryption,storage,retrieval,sharing,and access control processes of education archives.To verify the performance of the system,simulation experiments were conducted.The results show that the EduASAC system can meet the high security needs of education archive sharing and ensure the system’s high throughput,low latency,fast decision-making,and fine-grained access control ability. 展开更多
关键词 Blockchain data security access control smart contract
下载PDF
上一页 1 2 250 下一页 到第
使用帮助 返回顶部