信息网络安全 ›› 2016, Vol. 16 ›› Issue (7): 71-77.doi: 10.3969/j.issn.1671-1122.2016.07.011

• • 上一篇    下一篇

基于信任值评估的云计算访问控制模型研究

范运东1, 吴晓平1, 石雄2   

  1. 1.海军工程大学信息安全系,湖北武汉 430033
    2.武警部队,北京 100000
  • 收稿日期:2016-06-05 出版日期:2016-07-20 发布日期:2020-05-13
  • 作者简介:

    作者简介: 范运东(1993—),男,黑龙江,硕士研究生,主要研究方向为信息安全;吴晓平(1961—),男,山西,教授,博士,主要研究方向为信息安全、密码学;石雄(1963—),男,江西,高级工程师,主要研究方向为网络安全。

  • 基金资助:
    国家自然科学基金[61100042];湖北省自然科学基金[2015CFC867]

esearch on Access Control Model Based on the Trust Value Assessment of Cloud Computing

Yundong FAN1, Xiaoping WU1, Xiong SHI2   

  1. 1.Department of Information Security, Naval University of Engineering, Wuhan Hubei 430033, China
    2. Department of Armed Police Forces, Beijing 100000, China
  • Received:2016-06-05 Online:2016-07-20 Published:2020-05-13

摘要:

为降低用户行为可能产生的安全威胁,提高云计算系统的安全性,并保证访问控制的动态进行,文章提出了一种基于信任值评估的云计算访问控制模型。该模型通过动态计算用户行为的综合信任值,确定其信任等级,完成授权过程。该模型考虑到用户行为因素相互作用的特点,在建立完善的信任值评估模型的基础上,在信任值计算过程中引入了网络分析法,实现用户行为因素权重的客观分配,提高了模型的可靠性和客观性。同时,在模型中加入衰减因子,进一步保证了用户行为综合信任值的动态变化,使得用户能够动态获得访问权限,提高了云环境的安全性。文章阐述了模型结构、组成元素、访问控制策略及实现过程,最后通过实验分析证明,该模型能够在云环境下动态、安全、可靠地实现访问控制。

关键词: 云计算, 访问控制, 信任值, 动态授权

Abstract:

To reduce the possible threats of users’ behavior, improve the security of cloud computing system, and ensure the dynamic access control, this paper proposes an access control model based on the trust value assessment of cloud computing. The model determines the level of trust and completes the authorization process by dynamically computing the integrated trust value of the user’s behavior. Considering the interaction characteristics of user behavior factors, the model introduces the theory of analytic network process on the basis of establishing the complete trust value evaluation model, which can realize the objective weight distribution of user behavior factor and improve the reliability and objectivity of the model. The attenuation factor is added in the model to further ensure the dynamic change of the integrated trust value of users’ behavior, so that the user can gain the dynamic access and this improves the security of cloud environment. This paper expounds the structure of model, composition elements, implementation process and strategies of access control. And at last the experimental results show that the model can achieve dynamic, secure and reliable access control in cloud environment.

Key words: cloud computing, access control, trust value, dynamic authorization

中图分类号: