Role mining and setup affect the usage of role-based access control(RBAC).Traditionally,user's role and permission assigning are manipulated by security administrator of system.However,the cost is expensive and th...Role mining and setup affect the usage of role-based access control(RBAC).Traditionally,user's role and permission assigning are manipulated by security administrator of system.However,the cost is expensive and the operating process is complex.A new role analyzing method was proposed by generating mappings and using them to provide recommendation for systems.The relation among sets of permissions,roles and users was explored by generating mappings,and the relation between sets of users and attributes was analyzed by means of the concept lattice model,generating a critical mapping between the attribute and permission sets,and making the meaning of the role natural and operational.Thus,a role is determined by permission set and user's attributes.The generated mappings were used to automatically assign permissions and roles to new users.Experimental results show that the proposed algorithm is effective and efficient.展开更多
Searchable encryption technology makes it convenient to search encrypted data with keywords for people.A data owner shared his data with other users on the cloud server.For security,it is necessary for him to build a ...Searchable encryption technology makes it convenient to search encrypted data with keywords for people.A data owner shared his data with other users on the cloud server.For security,it is necessary for him to build a fine-grained and flexible access control mechanism.The main idea of this paper is to let the owner classify his data and then authorizes others according to categories.The cloud server maintains a permission matrix,which will be used to verify whether a trapdoor is valid or not.In this way we can achieve access control and narrow the search range at the same time.We prove that our scheme can achieve index and trapdoor indistinguishability under chosen keywords attack security in the random oracles.展开更多
基金Project(61003140) supported by the National Natural Science Foundation of ChinaProject(013/2010/A) supported by Macao Science and Technology Development FundProject(10YJC630236) supported by Social Science Foundation for the Youth Scholars of Ministry of Education of China
文摘Role mining and setup affect the usage of role-based access control(RBAC).Traditionally,user's role and permission assigning are manipulated by security administrator of system.However,the cost is expensive and the operating process is complex.A new role analyzing method was proposed by generating mappings and using them to provide recommendation for systems.The relation among sets of permissions,roles and users was explored by generating mappings,and the relation between sets of users and attributes was analyzed by means of the concept lattice model,generating a critical mapping between the attribute and permission sets,and making the meaning of the role natural and operational.Thus,a role is determined by permission set and user's attributes.The generated mappings were used to automatically assign permissions and roles to new users.Experimental results show that the proposed algorithm is effective and efficient.
基金This work is partially supported by the Fundamental Research Funds for the Central Universities(No.30918012204)。
文摘Searchable encryption technology makes it convenient to search encrypted data with keywords for people.A data owner shared his data with other users on the cloud server.For security,it is necessary for him to build a fine-grained and flexible access control mechanism.The main idea of this paper is to let the owner classify his data and then authorizes others according to categories.The cloud server maintains a permission matrix,which will be used to verify whether a trapdoor is valid or not.In this way we can achieve access control and narrow the search range at the same time.We prove that our scheme can achieve index and trapdoor indistinguishability under chosen keywords attack security in the random oracles.
