期刊文献+
共找到8,342篇文章
< 1 2 250 >
每页显示 20 50 100
Visualization Framework for Inter-Domain Access Control Policy Integration
1
作者 潘理 柳宁 訾小超 《China Communications》 SCIE CSCD 2013年第3期67-75,共9页
The rapid increase in resource sharing across domains in the cloud comput- ing environment makes the task of managing inter-domain access control policy integration difficult for the security administrators. Al- thoug... The rapid increase in resource sharing across domains in the cloud comput- ing environment makes the task of managing inter-domain access control policy integration difficult for the security administrators. Al- though a number of policy integration and sec- urity analysis mechanisms have been devel- oped, few focus on enabling the average ad- ministrator by providing an intuitive cognitive sense about the integrated policies, which considerably undermines the usability factor. In this paper we propose a visualization flame- work for inter-domain access control policy integration, which integrates Role Based Ac- cess Control (RBAC) policies on the basis of role-mapping and then visualizes the inte- grated result. The role mapping algorithm in the framework considers the hybrid role hier- archy. It can not only satisfy the security con- straints of non-cyclic inheritance and separa- tion of duty but also make visualization easier. The framework uses role-permission trees and semantic substrates to visualize the integrated policies. Through the interactive policy query visualization, the average administrator can gain an intuitive understanding of the policy integration result. 展开更多
关键词 policy visualization policy integration role based access control role mapping
下载PDF
A Blockchain-Based Access Control Scheme for Reputation Value Attributes of the Internet of Things 被引量:1
2
作者 Hongliang Tian Junyuan Tian 《Computers, Materials & Continua》 SCIE EI 2024年第1期1297-1310,共14页
The Internet of Things(IoT)access controlmechanism may encounter security issues such as single point of failure and data tampering.To address these issues,a blockchain-based IoT reputation value attribute access cont... The Internet of Things(IoT)access controlmechanism may encounter security issues such as single point of failure and data tampering.To address these issues,a blockchain-based IoT reputation value attribute access control scheme is proposed.Firstly,writing the reputation value as an attribute into the access control policy,and then deploying the access control policy in the smart contract of the blockchain system can enable the system to provide more fine-grained access control;Secondly,storing a large amount of resources fromthe Internet of Things in Inter Planetary File System(IPFS)to improve system throughput;Finally,map resource access operations to qualification tokens to improve the performance of the access control system.Complete simulation experiments based on the Hyperledger Fabric platform.Fromthe simulation experimental results,it can be seen that the access control system can achieve more fine-grained and dynamic access control while maintaining high throughput and low time delay,providing sufficient reliability and security for access control of IoT devices. 展开更多
关键词 Blockchain IOT access control Hyperledger Fabric
下载PDF
Adaptable and Dynamic Access Control Decision-Enforcement Approach Based on Multilayer Hybrid Deep Learning Techniques in BYOD Environment
3
作者 Aljuaid Turkea Ayedh M Ainuddin Wahid Abdul Wahab Mohd Yamani Idna Idris 《Computers, Materials & Continua》 SCIE EI 2024年第9期4663-4686,共24页
Organizations are adopting the Bring Your Own Device(BYOD)concept to enhance productivity and reduce expenses.However,this trend introduces security challenges,such as unauthorized access.Traditional access control sy... Organizations are adopting the Bring Your Own Device(BYOD)concept to enhance productivity and reduce expenses.However,this trend introduces security challenges,such as unauthorized access.Traditional access control systems,such as Attribute-Based Access Control(ABAC)and Role-Based Access Control(RBAC),are limited in their ability to enforce access decisions due to the variability and dynamism of attributes related to users and resources.This paper proposes a method for enforcing access decisions that is adaptable and dynamic,based on multilayer hybrid deep learning techniques,particularly the Tabular Deep Neural Network Tabular DNN method.This technique transforms all input attributes in an access request into a binary classification(allow or deny)using multiple layers,ensuring accurate and efficient access decision-making.The proposed solution was evaluated using the Kaggle Amazon access control policy dataset and demonstrated its effectiveness by achieving a 94%accuracy rate.Additionally,the proposed solution enhances the implementation of access decisions based on a variety of resource and user attributes while ensuring privacy through indirect communication with the Policy Administration Point(PAP).This solution significantly improves the flexibility of access control systems,making themmore dynamic and adaptable to the evolving needs ofmodern organizations.Furthermore,it offers a scalable approach to manage the complexities associated with the BYOD environment,providing a robust framework for secure and efficient access management. 展开更多
关键词 BYOD security access control access control decision-enforcement deep learning neural network techniques TabularDNN MULTILAYER dynamic adaptable FLEXIBILITY bottlenecks performance policy conflict
下载PDF
Blockchain-Enabled Privacy Protection and Access Control Scheme Towards Sensitive Digital Assets Management
4
作者 Duan Pengfei Ma Zhaofeng +2 位作者 Zhang Yuqing Wang Jingyu Luo Shoushan 《China Communications》 SCIE CSCD 2024年第7期224-236,共13页
With the growth of requirements for data sharing,a novel business model of digital assets trading has emerged that allows data owners to sell their data for monetary gain.In the distributed ledger of blockchain,howeve... With the growth of requirements for data sharing,a novel business model of digital assets trading has emerged that allows data owners to sell their data for monetary gain.In the distributed ledger of blockchain,however,the privacy of stakeholder's identity and the confidentiality of data content are threatened.Therefore,we proposed a blockchainenabled privacy-preserving and access control scheme to address the above problems.First,the multi-channel mechanism is introduced to provide the privacy protection of distributed ledger inside the channel and achieve coarse-grained access control to digital assets.Then,we use multi-authority attribute-based encryption(MAABE)algorithm to build a fine-grained access control model for data trading in a single channel and describe its instantiation in detail.Security analysis shows that the scheme has IND-CPA secure and can provide privacy protection and collusion resistance.Compared with other schemes,our solution has better performance in privacy protection and access control.The evaluation results demonstrate its effectiveness and practicability. 展开更多
关键词 access control data trading MAABE multi-channel privacy preserving
下载PDF
Cross-Domain Bilateral Access Control on Blockchain-Cloud Based Data Trading System
5
作者 Youngho Park Su Jin Shin Sang Uk Shin 《Computer Modeling in Engineering & Sciences》 SCIE EI 2024年第10期671-688,共18页
Data trading enables data owners and data requesters to sell and purchase data.With the emergence of blockchain technology,research on blockchain-based data trading systems is receiving a lot of attention.Particularly... Data trading enables data owners and data requesters to sell and purchase data.With the emergence of blockchain technology,research on blockchain-based data trading systems is receiving a lot of attention.Particularly,to reduce the on-chain storage cost,a novel paradigm of blockchain and cloud fusion has been widely considered as a promising data trading platform.Moreover,the fact that data can be used for commercial purposes will encourage users and organizations from various fields to participate in the data marketplace.In the data marketplace,it is a challenge how to trade the data securely outsourced to the external cloud in a way that restricts access to the data only to authorized users across multiple domains.In this paper,we propose a cross-domain bilateral access control protocol for blockchain-cloud based data trading systems.We consider a system model that consists of domain authorities,data senders,data receivers,a blockchain layer,and a cloud provider.The proposed protocol enables access control and source identification of the outsourced data by leveraging identity-based cryptographic techniques.In the proposed protocol,the outsourced data of the sender is encrypted under the target receiver’s identity,and the cloud provider performs policy-match verification on the authorization tags of the sender and receiver generated by the identity-based signature scheme.Therefore,data trading can be achieved only if the identities of the data sender and receiver simultaneously meet the policies specified by each other.To demonstrate efficiency,we evaluate the performance of the proposed protocol and compare it with existing studies. 展开更多
关键词 Bilateral access control blockchain data sharing policy-match
下载PDF
Big Data Access Control Mechanism Based on Two-Layer Permission Decision Structure
6
作者 Aodi Liu Na Wang +3 位作者 Xuehui Du Dibin Shan Xiangyu Wu Wenjuan Wang 《Computers, Materials & Continua》 SCIE EI 2024年第4期1705-1726,共22页
Big data resources are characterized by large scale, wide sources, and strong dynamics. Existing access controlmechanisms based on manual policy formulation by security experts suffer from drawbacks such as low policy... Big data resources are characterized by large scale, wide sources, and strong dynamics. Existing access controlmechanisms based on manual policy formulation by security experts suffer from drawbacks such as low policymanagement efficiency and difficulty in accurately describing the access control policy. To overcome theseproblems, this paper proposes a big data access control mechanism based on a two-layer permission decisionstructure. This mechanism extends the attribute-based access control (ABAC) model. Business attributes areintroduced in the ABAC model as business constraints between entities. The proposed mechanism implementsa two-layer permission decision structure composed of the inherent attributes of access control entities and thebusiness attributes, which constitute the general permission decision algorithm based on logical calculation andthe business permission decision algorithm based on a bi-directional long short-term memory (BiLSTM) neuralnetwork, respectively. The general permission decision algorithm is used to implement accurate policy decisions,while the business permission decision algorithm implements fuzzy decisions based on the business constraints.The BiLSTM neural network is used to calculate the similarity of the business attributes to realize intelligent,adaptive, and efficient access control permission decisions. Through the two-layer permission decision structure,the complex and diverse big data access control management requirements can be satisfied by considering thesecurity and availability of resources. Experimental results show that the proposed mechanism is effective andreliable. In summary, it can efficiently support the secure sharing of big data resources. 展开更多
关键词 Big data access control data security BiLSTM
下载PDF
Automatic Generation of Attribute-Based Access Control Policies from Natural Language Documents
7
作者 Fangfang Shan Zhenyu Wang +1 位作者 Mengyao Liu Menghan Zhang 《Computers, Materials & Continua》 SCIE EI 2024年第9期3881-3902,共22页
In response to the challenges of generating Attribute-Based Access Control(ABAC)policies,this paper proposes a deep learning-based method to automatically generate ABAC policies from natural language documents.This me... In response to the challenges of generating Attribute-Based Access Control(ABAC)policies,this paper proposes a deep learning-based method to automatically generate ABAC policies from natural language documents.This method is aimed at organizations such as companies and schools that are transitioning from traditional access control models to the ABAC model.The manual retrieval and analysis involved in this transition are inefficient,prone to errors,and costly.Most organizations have high-level specifications defined for security policies that include a set of access control policies,which often exist in the form of natural language documents.Utilizing this rich source of information,our method effectively identifies and extracts the necessary attributes and rules for access control from natural language documents,thereby constructing and optimizing access control policies.This work transforms the problem of policy automation generation into two tasks:extraction of access control statements andmining of access control attributes.First,the Chat General Language Model(ChatGLM)isemployed to extract access control-related statements from a wide range of natural language documents by constructing unique prompts and leveraging the model’s In-Context Learning to contextualize the statements.Then,the Iterated Dilated-Convolutions-Conditional Random Field(ID-CNN-CRF)model is used to annotate access control attributes within these extracted statements,including subject attributes,object attributes,and action attributes,thus reassembling new access control policies.Experimental results show that our method,compared to baseline methods,achieved the highest F1 score of 0.961,confirming the model’s effectiveness and accuracy. 展开更多
关键词 access control policy generation natural language deep learning
下载PDF
Deep Learning Social Network Access Control Model Based on User Preferences
8
作者 Fangfang Shan Fuyang Li +3 位作者 Zhenyu Wang Peiyu Ji Mengyi Wang Huifang Sun 《Computer Modeling in Engineering & Sciences》 SCIE EI 2024年第7期1029-1044,共16页
A deep learning access controlmodel based on user preferences is proposed to address the issue of personal privacy leakage in social networks.Firstly,socialusers andsocialdata entities are extractedfromthe social netw... A deep learning access controlmodel based on user preferences is proposed to address the issue of personal privacy leakage in social networks.Firstly,socialusers andsocialdata entities are extractedfromthe social networkandused to construct homogeneous and heterogeneous graphs.Secondly,a graph neural networkmodel is designed based on user daily social behavior and daily social data to simulate the dissemination and changes of user social preferences and user personal preferences in the social network.Then,high-order neighbor nodes,hidden neighbor nodes,displayed neighbor nodes,and social data nodes are used to update user nodes to expand the depth and breadth of user preferences.Finally,a multi-layer attention network is used to classify user nodes in the homogeneous graph into two classes:allow access and deny access.The fine-grained access control problem in social networks is transformed into a node classification problem in a graph neural network.The model is validated using a dataset and compared with other methods without losing generality.The model improved accuracy by 2.18%compared to the baseline method GraphSAGE,and improved F1 score by 1.45%compared to the baseline method,verifying the effectiveness of the model. 展开更多
关键词 Graph neural networks user preferences access control social network
下载PDF
A Dual-Cluster-Head Based Medium Access Control for Large-Scale UAV Ad-Hoc Networks
9
作者 Zhao Xinru Wei Zhiqing +3 位作者 Zou Yingying Ma Hao Cui Yanpeng Feng Zhiyong 《China Communications》 SCIE CSCD 2024年第5期123-136,共14页
Unmanned Aerial Vehicle(UAV)ad hoc network has achieved significant growth for its flexibility,extensibility,and high deployability in recent years.The application of clustering scheme for UAV ad hoc network is impera... Unmanned Aerial Vehicle(UAV)ad hoc network has achieved significant growth for its flexibility,extensibility,and high deployability in recent years.The application of clustering scheme for UAV ad hoc network is imperative to enhance the performance of throughput and energy efficiency.In conventional clustering scheme,a single cluster head(CH)is always assigned in each cluster.However,this method has some weaknesses such as overload and premature death of CH when the number of UAVs increased.In order to solve this problem,we propose a dual-cluster-head based medium access control(DCHMAC)scheme for large-scale UAV networks.In DCHMAC,two CHs are elected to manage resource allocation and data forwarding cooperatively.Specifically,two CHs work on different channels.One of CH is used for intra-cluster communication and the other one is for inter-cluster communication.A Markov chain model is developed to analyse the throughput of the network.Simulation result shows that compared with FM-MAC(flying ad hoc networks multi-channel MAC,FM-MAC),DCHMAC improves the throughput by approximately 20%~50%and prolongs the network lifetime by approximately 40%. 展开更多
关键词 dual cluster head medium access control UAV swarm
下载PDF
Blockchain-Empowered Token-Based Access Control System with User Reputation Evaluation 被引量:1
10
作者 Yuzheng Yang Zhe Tu +1 位作者 Ying Liu Huachun Zhou 《Computers, Materials & Continua》 SCIE EI 2023年第12期3163-3184,共22页
Currently,data security and privacy protection are becoming more and more important.Access control is a method of authorization for users through predefined policies.Token-based access control(TBAC)enhances the manage... Currently,data security and privacy protection are becoming more and more important.Access control is a method of authorization for users through predefined policies.Token-based access control(TBAC)enhances the manageability of authorization through the token.However,traditional access control policies lack the ability to dynamically adjust based on user access behavior.Incorporating user reputation evaluation into access control can provide valuable feedback to enhance system security and flexibility.As a result,this paper proposes a blockchain-empowered TBAC system and introduces a user reputation evaluation module to provide feedback on access control.The TBAC system divides the access control process into three stages:policy upload,token request,and resource request.The user reputation evaluation module evaluates the user’s token reputation and resource reputation for the token request and resource request stages of the TBAC system.The proposed system is implemented using the Hyperledger Fabric blockchain.The TBAC system is evaluated to prove that it has high processing performance.The user reputation evaluation model is proved to be more conservative and sensitive by comparative study with other methods.In addition,the security analysis shows that the TBAC system has a certain anti-attack ability and can maintain stable operation under the Distributed Denial of Service(DDoS)attack environment. 展开更多
关键词 access control reputation evaluation feedback blockchain
下载PDF
EduASAC:A Blockchain-Based Education Archive Sharing and Access Control System
11
作者 Ronglei Hu Chuce He +4 位作者 Yaping Chi Xiaoyi Duan Xiaohong Fan Ping Xu Wenbin Gao 《Computers, Materials & Continua》 SCIE EI 2023年第12期3387-3422,共36页
In the education archive sharing system,when performing homomorphic ciphertext retrieval on the storage server,there are problems such as low security of shared data,confusing parameter management,and weak access cont... In the education archive sharing system,when performing homomorphic ciphertext retrieval on the storage server,there are problems such as low security of shared data,confusing parameter management,and weak access control.This paper proposes an Education Archives Sharing and Access Control(EduASAC)system to solve these problems.The system research goal is to realize the sharing of security parameters,the execution of access control,and the recording of system behaviors based on the blockchain network,ensuring the legitimacy of shared membership and the security of education archives.At the same time,the system can be combined with most homomorphic ciphertext retrieval schemes running on the storage server,making the homomorphic ciphertext retrieval mechanism controllable.This paper focuses on the blockchain access control framework and specifically designs smart contracts that conform to the business logic of the EduASAC system.The former adopts a dual-mode access control mechanism combining Discretionary Access Control(DAC)and Mandatory Access Control(MAC)and improves the tagging mode after user permission verification based on the Authentication and Authorization for Constrained Environments(ACE)authorization framework of Open Authorization(OAuth)2.0;the latter is used in the system to vote on nodes to join requests,define access control policies,execute permission verification processes,store,and share system parameters,and standardize the behavior of member nodes.Finally,the EduASAC system realizes the encryption,storage,retrieval,sharing,and access control processes of education archives.To verify the performance of the system,simulation experiments were conducted.The results show that the EduASAC system can meet the high security needs of education archive sharing and ensure the system’s high throughput,low latency,fast decision-making,and fine-grained access control ability. 展开更多
关键词 Blockchain data security access control smart contract
下载PDF
Ether-IoT:A Realtime Lightweight and Scalable Blockchain-Enabled Cache Algorithm for IoT Access Control
12
作者 Hafiz Adnan Hussain Zulkefli Mansor +1 位作者 Zarina Shukur Uzma Jafar 《Computers, Materials & Continua》 SCIE EI 2023年第5期3797-3815,共19页
Several unique characteristics of Internet of Things(IoT)devices,such as distributed deployment and limited storage,make it challenging for standard centralized access control systems to enable access control in today... Several unique characteristics of Internet of Things(IoT)devices,such as distributed deployment and limited storage,make it challenging for standard centralized access control systems to enable access control in today’s large-scale IoT ecosystem.To solve these challenges,this study presents an IoT access control system called Ether-IoT based on the Ethereum Blockchain(BC)infrastructure with Attribute-Based Access Control(ABAC).Access Contract(AC),Cache Contract(CC),Device Contract(DC),and Policy Contract(PC)are the four central smart contracts(SCs)that are included in the proposed system.CC offers a way to save user characteristics in a local cache system to avoid delays during transactions between BC and IoT devices.AC is the fundamental program users typically need to run to build an access control technique.DC offers a means for storing the resource data created by devices and a method for querying that data.PC offers administrative settings to handle ABAC policies on users’behalf.Ether-IoT,combined with ABAC and the BC,enables IoT access control management that is decentralized,fine-grained and dynamically scalable.This research gives a real-world case study to illustrate the suggested framework’s implementation.In the end,a simulation experiment is performed to evaluate the system’s performance.To ensure data integrity in dispersed systems,the results show that Ether-IoT can sustain high throughput in contexts with a large number of requests. 展开更多
关键词 Blockchain Internet of Things IOT access control ABAC Ethereum distributed system
下载PDF
Attribute-based access control policy specification language 被引量:6
13
作者 叶春晓 钟将 冯永 《Journal of Southeast University(English Edition)》 EI CAS 2008年第3期260-263,共4页
This paper first introduces attribute expression to describe attribute-based access control policy.Secondly,an access control policy enforcement language named A-XACML (attribute-XACML)is proposed,which is an extens... This paper first introduces attribute expression to describe attribute-based access control policy.Secondly,an access control policy enforcement language named A-XACML (attribute-XACML)is proposed,which is an extension of XACML.A-XACML is used as a simple,flexible way to express and enforce access control policies,especially attribute-based access control policy,in a variety of environments.The language and schema support include data types,functions,and combining logic which allow simple and complex policies to be defined.Finally,a system architecture and application case of user-role assignment is given to show how attribute expressions and A-XACML work in access control policy description and enforcement.The case shows that attribute expression and A-XACML can describe and enforce the complex access control policy in a simple and flexible way. 展开更多
关键词 role-based access control POLICY XML XACML
下载PDF
A New Role Hierarchy Model for Role Based Access Control 被引量:2
14
作者 吕宜洪 宋瀚涛 龚元明 《Journal of Beijing Institute of Technology》 EI CAS 2002年第4期409-413,共5页
A new role hierarchy model for RBAC (role-based access control) is presented and its features are illustrated through examples. Some new concepts such as private permission, public permission and special permission ar... A new role hierarchy model for RBAC (role-based access control) is presented and its features are illustrated through examples. Some new concepts such as private permission, public permission and special permission are introduced, based on the RRA97 model. Some new role-role inheriting forms such as normal inheritance, private inheritance, public inheritance and special-without inheritance are defined. Based on the ideas mentioned, the new role hierarchy model is formulated. It is easier and more comprehensible to describe role-role relationships through the new model than through the traditional ones. The new model is closer to the real world and its mechanism is more powerful. Particularly it is more suitable when used in large-scale role hierarchies. 展开更多
关键词 RBAC access control ROLE INHERIT role hierarchy
下载PDF
Multi-level access control model for tree-like hierarchical organizations
15
作者 於光灿 李瑞轩 +3 位作者 卢正鼎 Mudar Sarem 宋伟 苏永红 《Journal of Southeast University(English Edition)》 EI CAS 2008年第3期393-396,共4页
An access control model is proposed based on the famous Bell-LaPadula (BLP) model.In the proposed model,hierarchical relationships among departments are built,a new concept named post is proposed,and assigning secur... An access control model is proposed based on the famous Bell-LaPadula (BLP) model.In the proposed model,hierarchical relationships among departments are built,a new concept named post is proposed,and assigning security tags to subjects and objects is greatly simplified.The interoperation among different departments is implemented through assigning multiple security tags to one post, and the more departments are closed on the organization tree,the more secret objects can be exchanged by the staff of the departments.The access control matrices of the department,post and staff are defined.By using the three access control matrices,a multi granularity and flexible discretionary access control policy is implemented.The outstanding merit of the BLP model is inherited,and the new model can guarantee that all the information flow is under control.Finally,our study shows that compared to the BLP model,the proposed model is more flexible. 展开更多
关键词 multi-level access control hierarchical organization multiple security tags
下载PDF
IEEE 802.11e Medium Access Control层QoS机制的改进研究
16
作者 周立衡 邱恭安 章国安 《南通大学学报(自然科学版)》 CAS 2009年第3期6-9,共4页
针对IEEE802.11e Medium Access Control层的QoS机制高负载时存在远端节点冲突和低优先级业务资源被耗尽的问题,提出在牺牲较小带宽的基础上增加一条忙音信道,取代CTS帧在数据信道上的广播,减少远端节点的冲突.仿真结果表明,该方案具有... 针对IEEE802.11e Medium Access Control层的QoS机制高负载时存在远端节点冲突和低优先级业务资源被耗尽的问题,提出在牺牲较小带宽的基础上增加一条忙音信道,取代CTS帧在数据信道上的广播,减少远端节点的冲突.仿真结果表明,该方案具有较小的冲突概率,有效地减少了远端节点冲突.同时提出一个解决公平性问题的新思路:在避退时间发送忙音抢占信道,以期提高低优先级业务的接入概率. 展开更多
关键词 IEEE 802.11e MEDIUM access control QOS机制 远端节点冲突 改进方案
下载PDF
Role based access control design using Triadic concept analysis 被引量:9
17
作者 Ch.Aswani Kumar S.Chandra Mouliswaran +1 位作者 LI Jin-hai C.Chandrasekar 《Journal of Central South University》 SCIE EI CAS CSCD 2016年第12期3183-3191,共9页
Role based access control is one of the widely used access control models.There are investigations in the literature that use knowledge representation mechanisms such as formal concept analysis(FCA),description logics... Role based access control is one of the widely used access control models.There are investigations in the literature that use knowledge representation mechanisms such as formal concept analysis(FCA),description logics,and Ontology for representing access control mechanism.However,while using FCA,investigations reported in the literature so far work on the logic that transforms the three dimensional access control matrix into dyadic formal contexts.This transformation is mainly to derive the formal concepts,lattice structure and implications to represent role hierarchy and constraints of RBAC.In this work,we propose a methodology that models RBAC using triadic FCA without transforming the triadic access control matrix into dyadic formal contexts.Our discussion is on two lines of inquiry.We present how triadic FCA can provide a suitable representation of RBAC policy and we demonstrate how this representation follows role hierarchy and constraints of RBAC on sample healthcare network available in the literature. 展开更多
关键词 access control concept lattice role based access control role hierarchy triadic context triadic concept analysis
下载PDF
Attribute-Based Access Control for Multi-Authority Systems with Constant Size Ciphertext in Cloud Computing 被引量:16
18
作者 CHEN Yanli SONG Lingling YANG Geng 《China Communications》 SCIE CSCD 2016年第2期146-162,共17页
In most existing CP-ABE schemes, there is only one authority in the system and all the public keys and private keys are issued by this authority, which incurs ciphertext size and computation costs in the encryption an... In most existing CP-ABE schemes, there is only one authority in the system and all the public keys and private keys are issued by this authority, which incurs ciphertext size and computation costs in the encryption and decryption operations that depend at least linearly on the number of attributes involved in the access policy. We propose an efficient multi-authority CP-ABE scheme in which the authorities need not interact to generate public information during the system initialization phase. Our scheme has constant ciphertext length and a constant number of pairing computations. Our scheme can be proven CPA-secure in random oracle model under the decision q-BDHE assumption. When user's attributes revocation occurs, the scheme transfers most re-encryption work to the cloud service provider, reducing the data owner's computational cost on the premise of security. Finally the analysis and simulation result show that the schemes proposed in this thesis ensure the privacy and secure access of sensitive data stored in the cloud server, and be able to cope with the dynamic changes of users' access privileges in large-scale systems. Besides, the multi-authority ABE eliminates the key escrow problem, achieves the length of ciphertext optimization and enhances the effi ciency of the encryption and decryption operations. 展开更多
关键词 cloud computing attribute-basedencryption access control multi-authority constant ciphertext length attribute revocation
下载PDF
Design and Implementation of File Access and Control System Based on Dynamic Web 被引量:3
19
作者 GAO Fuxiang YAO Lan BAO Shengfei YU Ge 《Wuhan University Journal of Natural Sciences》 CAS 2006年第5期1233-1237,共5页
A dynamic Web application, which can help the departments of enterprise to collaborate with each other conveniently, is proposed. Several popular design solutions are introduced at first. Then, dynamic Web system is c... A dynamic Web application, which can help the departments of enterprise to collaborate with each other conveniently, is proposed. Several popular design solutions are introduced at first. Then, dynamic Web system is chosen for developing the file access and control system. Finally, the paper gives the detailed process of the design and implementation of the system, which includes some key problems such as solutions of document management and system security. Additionally, the limitations of the system as well as the suggestions of further improvement are also explained. 展开更多
关键词 file access and control ACTIVEX role based access control (RBAC) VERSION
下载PDF
MTBAC: A Mutual Trust Based Access Control Model in Cloud Computing 被引量:12
20
作者 LIN Guoyuan WANG Danru +1 位作者 BIE Yuyu LEI Min 《China Communications》 SCIE CSCD 2014年第4期154-162,共9页
As a new computing mode,cloud computing can provide users with virtualized and scalable web services,which faced with serious security challenges,however.Access control is one of the most important measures to ensure ... As a new computing mode,cloud computing can provide users with virtualized and scalable web services,which faced with serious security challenges,however.Access control is one of the most important measures to ensure the security of cloud computing.But applying traditional access control model into the Cloud directly could not solve the uncertainty and vulnerability caused by the open conditions of cloud computing.In cloud computing environment,only when the security and reliability of both interaction parties are ensured,data security can be effectively guaranteed during interactions between users and the Cloud.Therefore,building a mutual trust relationship between users and cloud platform is the key to implement new kinds of access control method in cloud computing environment.Combining with Trust Management(TM),a mutual trust based access control(MTBAC) model is proposed in this paper.MTBAC model take both user's behavior trust and cloud services node's credibility into consideration.Trust relationships between users and cloud service nodes are established by mutual trust mechanism.Security problems of access control are solved by implementing MTBAC model into cloud computing environment.Simulation experiments show that MTBAC model can guarantee the interaction between users and cloud service nodes. 展开更多
关键词 cloud computing access control trust model mutual trust mechanism MTBAC
下载PDF
上一页 1 2 250 下一页 到第
使用帮助 返回顶部