微信服务号

微信订阅号

2025-4-6- 8
Home > Archive>Volume 24, Issue 3, 2013 >564-574. DOI:10.3724/SP.J.1001.2013.04242
PDF HTML XML Export Cite reminder
Delegation Based Cross-Domain Access Control Model Under Cloud Computing for Mobile Terminal
Author:
Affiliation:

  • Article
    • | |
  • Metrics
    • |
  • Reference [22]
    • |
  • Related [20]
    • |
  • Cited by [1]
    • | |
  • Comments
    Abstract:

    By considering the frequent migration characteristic of mobile terminal and the existing delegation based RBAC, the delegation based cross-domain access control model in cloud computing of the mobile terminal is presented. This delegation model can solve the problems of the frequent migration. It makes the management node of each domain maintain a dynamic routing table to locate the node. Also, a synthetic method to obtain synthetic mapping role is proposed. By combining the quantified-role method, the delegated node obtains the final mapping role of this cross-domain requirement. This can effectively solve the problem of permission hidden ascension in the mapping. The requirement frequency threshold will avoid the risk which is caused by the malicious node's excessive operation. Analysis shows that the model has better security.

    Reference
    [1] Cloud computing (in Chinese with English abstract) 2011. http://baike.baidu.com/view/1316082.htm.2011
    [2] Feng DG, Zhang M, Zhang Y, Xu Z. Study on Cloud computing security. Ruanjian Xuebao/Journal of Software, 2011,22(1):71-83 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/3985.htm [doi: 10.3724/SP.J.1001.2011.03958]
    [3] Wang YZ, Feng DG. A survey of research on inter-domain authorization interoperation. Journal of Computer Research and Development, 2010,47(10):1673-1689 (in Chinese with English abstract).
    [4] Zhang QY. Research and Implement on Multi-Domain Policy Integration based on RBAC [MS Thesis]. Shanghai: Shanghai Jiaotong University, 2010 (in Chinese with English abstract).
    [5] Ferraiolo DF, Sandhu R, Gavrila S, Kuhn DR, Chandramouli R. Proposed NIST standard for role-based access control. ACM Trans. on Information and System Security, 2001,4(3):224-274. [doi: 10.1145/501978.501980]
    [6] Hu JW, Li RX, Lu ZD. Establishing RBAC-based secure interoperability in decentralized multi-domain environments. Berlin, Heidelberg: Springer-Verlag, 2007,4817:49-63. [doi: 10.1007/978-3-540-76788-6_5]
    [7] Zhai ZD. Quantified-Role based controllable delegation model. Chinese Journal of Computers, 2006,29(8):1401-1407 (in Chinese with English abstract).
    [8] Cai WH. Wei G. Xiao S. Fine-Grained role delegation model based on mapping mechanism. ACTA Electronica Sinica, 2010,38(8): 1753-1758 (in Chinese with English abstract).
    [9] Barka E, Sandhu R. Framework for role-based delegation models. In: Proc. of the 16th Annual Computer Security Applications Conf. New Orleans, 2000. [doi: 10.1109/ACSAC.2000.898870]
    [10] Zhang LH, Ahn GJ, Chu BT. A rule-based framework for role-based delegation. In: Sandhu RS, Jaeger T, eds. Proc. of the 6th ACM Symp. on Access Control Models and Technologies. New York: ACM Press, 2001. 153-162. [doi: 10.1145/373256.373289]
    [11] Sun B, Zhao QS, Sun YF. TRDM—Temporal role-based delegation model. Journal of Computer Research and Development, 2004, 41(7):1104-1109 (in Chinese with English abstract).
    [12] Freudenthal E, Pesin T, Port L, Keenan E, Karamcheti V. dRBAC: Distributed role-based access control for dynamic coalition environments. Berlin, Heidelberg: Springer-Verlag, 2002. 411-420. [doi: 10.1109/ICDCS.2002.1022279]
    [13] Liu W, Cai JY, He YP. Role-Based fine-grained delegation constraint framework in collaborative environments. Journal on Communication, 2008,29(1):83-91 (in Chinese with English abstract).
    [14] Xu Z, Li L, Feng DG. A constrained role-based delegation model. Ruanjian Xuebao/Journal of Software, 2005,16(5):970-978 (in Chinese with English abstract). http://www.jos.org.cn/1000-9825/16/970.htm [doi: 10.1360/jos160970]
    [15] Hennessy M, Riely J. Resource access control in systems of mobile agents. Electronic Notes in Theoretical Computer Science, 1998, 16(3):174-188. [doi: 10.1016/S1571-0661(04)00141-0]
    [16] Kamath A, Liscano R, El Saddik A. User-Credential based role mapping in multi-domain environment. In: Proc. of the Privacy, Security, Trust (PST). 2006. [doi: 10.1145/1501434.1501507]
    [17] Tang Z, Li RX, Lu ZD. A request-driven role mapping for secure interoperation in multi-domain environment. In: Proc. of the Int'l Conf. on Network and Parallel Computing-Workshops (IFIP 2007). 2007. 83-90. [doi: 10.1109/NPC.2007.33]
    [18] Deng Y, Chen JG, Wang RC, Zhang L. Authorization delegation mechanism based trust level in grid computing. Journal of Communications, 2008,29(9):10-17 (in Chinese with English abstract).
    [19] Li X, Liu L. PeerTrust: Supporting reputation-based trust for peer-to-peer electronic communities. IEEE Trans. on Knowledge and Data Engineering, 2004,16(7):843-857. [doi: 10.1109/TKDE.2004.1318566]
    [20] Liang ZQ, Shi WS. Enforcing cooperative resource sharing in untrusted P2P computing environments. Journal of Mobile Networks and Applications-Springer, 2005,10(6):971-983.
    [21] Li XY, Gui XL. Trust quantitative model with multiple decision factors in trusted network. Chinese Journal of Computers, 2009, 32(3):405-416 (in Chinese with English abstract).
    [22] Sun ZH. The Security Enhancement Study of Embedded Linux Operating System [MS. Thesis]. Nanjing: Nanjing University Aeronautics and Astronautics, 2008 (in Chinese with English abstract).
    Comments
    Comments
    分享到微博
    Submit
Get Citation

袁家斌,魏利利,曾青华.面向移动终端的云计算跨域访问委托模型.软件学报,2013,24(3):564-574

Copy
Share
Article Metrics
  • Abstract:
  • PDF:
  • HTML:
  • Cited by:
History
  • Received:September 07,2011
  • Revised:April 20,2012
  • Online: March 01,2013
Links:Institute of Software, CASChina Computer FederationCASNSFC
You are the first2033315Visitors
Copyright: Institute of Software, Chinese Academy of Sciences Beijing ICP No. 05046678-4
Address:4# South Fourth Street, Zhong Guan Cun, Beijing 100190,Postal Code:100190
Phone:010-62562563 Fax:010-62562533 Email:jos@iscas.ac.cn
Technical Support:Beijing Qinyun Technology Development Co., Ltd.

Beijing Public Network Security No. 11040202500063