协同环境中共有资源的细粒度协作访问控制策略
DOI:
作者:
作者单位:

作者简介:

通讯作者:

中图分类号:

基金项目:

Supported by the National Natural Science Foundation of China under Grant No.60273027 (国家自然科学基金); the National Grand Fundamental Research Program of China under Grant No. G1999035802(国家重点基础研究发展规划(973)); the National Science Fund for Distinguished Young Scholars under Grant No.60025205 (国家杰出青年科学基金); the Hi-Tech Research and Development Program of China under Grant No2004AA147070 (国家高技术研究发展计划(863))


A Fine-Grained Coalition Access Control Policy for Jointly-Owned Resources in Collaborative Environments
Author:
Affiliation:

Fund Project:

  • 摘要
  • |
  • 图/表
  • |
  • 访问统计
  • |
  • 参考文献
  • |
  • 相似文献
  • |
  • 引证文献
  • |
  • 资源附件
  • |
  • 文章评论
    摘要:

    在军事和商业领域中,由多个自治域形成的协作群体对共有资源(如客体、应用程序以及服务等)的访问问题越来越受到重视.协作中的基本事实是:尽管这些自治域有共同的目标,但同时有不同的自身利益.为了有效地保护共有资源,把"信任"的概念引入了协作访问控制中,并在基于量化权限的思想上,提出了细粒度的协作访问控制策略.在该策略里,权限的使用形式是元权限,也就是单位权限,它是访问共有客体权限的一个划分,可为多个域中不同用户所拥有.当访问共有资源时,参与者们所拥有的元权限的值之和以及人数必须达到规定的权限门限值和人数值,并且访问时间是所有参与者的共同许可访问时间段,这使得可以对协作资源进行有效地分布控制.另外,还引入了元权限的使用时间段约束.最后,证明了该细粒度协作访问控制策略关于协作系统的状态转换是保持安全的.

    Abstract:

    Joint access to shared resources (e.g., objects, applications, and services) among autonomous domains that form a coalition has recently become important in both military and commercial areas. The brass tacks in coalition are that these domains have different self-interests although they focus on achieving a common goal. In this paper, to enable effective protection of jointly-owned resources, the notion of trust into coalition access control is built, and a fine-grained access control policy based on quantifying permission idea is proposed. The usage format of permission in this policy is meta-permission that is a share of access permission to coalition resources and is owned by multiple domain users. When accessing jointly owned resources, the sum of participants'meta-permission value must attain a predefined permission quantity called "permission-threshold" and an assigned participant member number. In addition, permissible time span of the meta-permission is also taken into account to achieve the above goals and access requesting time must fall into their common permissible time span. Doing this enables the coalition to retain control over the access to coalition resources in distributed environments. Lastly, the preserving security property of the fine-grained access control policy with respect to state transition is proven.

    参考文献
    相似文献
    引证文献
引用本文

雷浩,黄建,冯登国.协同环境中共有资源的细粒度协作访问控制策略.软件学报,2005,16(5):1000-1011

复制
分享
文章指标
  • 点击次数:
  • 下载次数:
  • HTML阅读次数:
  • 引用次数:
历史
  • 收稿日期:2004-02-27
  • 最后修改日期:2004-07-27
  • 录用日期:
  • 在线发布日期:
  • 出版日期:
您是第位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号