高级检索

    一种基于风险的多域互操作动态访问控制模型

    A Dynamic Access Control Model for Inter-Operation in Multi-Domain Environment Based on Risk

    • 摘要: 随着Internet及其相关技术的快速发展,在开放的、异构的多自治域环境下,出现了大量的分布式应用之间的互操作. 多自治域环境的复杂性与信息安全共享不断演变进化的特点,使得传统访问控制模型难以保证数据资源在交互过程中的安全.通过将风险概念引入访问控制中,提出一种基于风险的多域动态访问控制模型.在本模型中,主体所具有的某项安全策略的风险等级由自治域间的互操作历史记录、客体的安全等级以及访问事件的安全系数得出,通过对高风险等级的安全策略进行调整以达到对系统风险的实时控制.理论分析表明这种方法可有效保证访问控制的灵活性和多自治域环境的安全性.

       

      Abstract: The rapid development of Internet and related technologies has created tremendous possibilities for the interoperability between applications in open and heterogeneous distributed environment. Interoperability provides a means for distributed applications to share resources and services, which improves performance and resource utilization. Access control is a crucial security technology. It can control the legal users to sensitive resources effectively and ensure users to access relative resource. For the complexity of the multi-domain environment and the ceaseless evolvement of the information secure share, the traditional access control method can not ensure the absolute security for the exchange of data resource. Traditional access control model can not satisfy the requirement of the dynamic of the multi-domain environment. Through introducing the concept of risk, the authors propose a dynamic access control model for multi-domain environment based on the risk of inter-operations. The risk grade of an access policy can be calculated by the history of the inter-operations among domains; the security degree of the objects and the safety factor of the access events. Through adjusting the access policies which have high risk grade, the risk in the system can be controlled in real time. The analysis of the security theory shows that this method can reinforce the facility of the access control and the security of the multi-domain environment.

       

    /

    返回文章
    返回