Netinfo Security ›› 2019, Vol. 19 ›› Issue (8): 51-60. doi: 10.3969/j.issn.1671-1122.2019.08.008

• Technical Research •

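Research on Access Control for Privacy Protection of Mobile Terminals

A-yong YE, Junlin JIN, Lingyu MENG, Ziwen ZHAO

  1. College of Mathematics and Informatics, Fujian Normal University, Fuzhou, Fujian 350007, China
  • Received: 2019-04-10 Online: 2019-08-10 Published: 2020-05-11
  • About the authors:

    A-yong YE (born 1977), male, from Fujian, professor, Ph.D.; main research interests: location-based services, privacy computing, and wireless positioning technology. Junlin JIN (born 1994), male, from Jiangsu, master's student; main research interest: network and information security. Lingyu MENG (born 1994), female, from Heilongjiang, master's student; main research interest: network and information security. Ziwen ZHAO (born 1992), male, from Shandong, master's student; main research interests: location-based services and privacy protection in vehicular networks.

  • Funding:
    National Natural Science Foundation of China [61072080, 61771140, U1405255]; Natural Science Foundation of Fujian Province [2018J01780]; Fuzhou Science and Technology Major Project [Rongke (2017) No. 325]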

Abstract:

With the continued development of computer technology, Internet of Things applications are becoming increasingly common in daily life, but the privacy and security problems they face are also becoming more prominent. Excessive permission requests and excessive data collection by mobile terminals are a serious hidden danger in the current Internet of Things environment. To address these problems, this paper proposes an access control model for privacy protection of mobile terminals. All of the user's sensitive data is stored in the cloud, and the cloud provides the encryption, decryption and access control services, which ensures that sensitive data is used in a reasonable and controlled manner. To address the shortcomings of current access control, this paper extends XACML (eXtensible Access Control Markup Language) with security risk and operational need assessment to improve the flexibility and adaptability of access control. The simulation results show that the proposed method can enforce access control accurately and dynamically, greatly improve the security of mobile terminals, and effectively reduce the storage space and battery power consumption of mobile terminals.

Key words: Internet of Things, smartphone, XACML, risk access control, operational need

CLC number: