摘要: 在角色访问控制的基础上,增加用户动态信任级别和静态信任级别,建立一种基于用户信任的动态多级访问控制模型。该模型通过用户的静态信任值和角色,获得静态权限,判断用户获得权限的资格,通过用户的动态信任值,判断用户的行为可信性,决定用户在实际访问操作中的具体权限。给出应用实例及模型安全性分析,结果表明该模型能实现动态授权,且满足最小特权原则。
关键词:
静态信任,
动态信任,
角色访问控制,
信任等级,
动态授权
Abstract: On the basis of Role-based Access Control(RBAC), this paper adds user’s static trust level and dynamic trust level, presents a kind of user trust based dynamic multi-level access control model. The model can get static permission according to user static trust value and role, and can judge the user behavior trust and decide the concrete application permissions according to user dynamic trust value in the process of user accessing resource. It gives the application example and the safety analysis, results show that the model can grant authorization dynamically and meets minor privilege principle.
Key words:
static trust,
dynamic trust,
Role-based Access Control(RBAC),
trust level,
dynamic authorization
中图分类号:
朱一群. 基于用户信任的动态多级访问控制模型[J]. 计算机工程, 2011, 37(23): 129-131.
SHU Yi-Qun. Dynamic Multi-level Access Control Model Based on User Trust[J]. Computer Engineering, 2011, 37(23): 129-131.