Combined access control model embedding configurable policy for fine-grained data security |
| |
| Affiliation: | 1. School of Computer Science and Engineering, Xi''an University of Technology, Xi''an, China;2. School of Civil Engineering and Architecture, Xi''an University of Technology, Xi''an, China;3. State Key Laboratory of Rail Transit Engineering Information (FSDI), Xi''an, China;4. Shenzhen Tencent Computer System Co., Ltd, Shenzhen, China;1. Sohar University, Oman;2. Amman, Jordan;1. Department of Electronics & Communication Engineering, Thapar Institute of Engineering and Technology (Thapar University) Patiala, India;2. ABV-Indian Institute of Information Technology and Management Gwalior 474015, India;1. Department of mathematics and computer science, Changsha University, Changsha, China;2. College of information science and engineering, Hunan University, Changsha, China;3. Information Engineering Department, Zhangjiajie Institute of Aeronautical Engineering, Zhangjiajie, China;1. Sorbonne Université, LIP6, CNRS UMR 7606, France;2. LTCI, Telecom ParisTech, Université Paris-Saclay, France;3. Institut VEDECOM, 77 Rue des Chantiers, Versailles 78000, France;1. NaNoNetworking Center in Catalonia (N3Cat), Universitat Politècnica de Catalunya, Barcelona, Spain;2. Oracle Labs, Oracle Corporation, Vancouver, BC, Canada |
| |
| Abstract: | With the wide applications of the Internet of Things, a lot of business data is generated by mobile embedded devices, and traditional data access control faces the new security risk. To enforce security and privacy requirements of information, the fixed data access control model needs to be added with the configurable authority policy, and it is necessary to ensure that new model is embedded without changing the original architecture. In this paper, we study the data access strategies on BlueKing platform, and design an embedded model by combing the role-based access control (RBAC) and label-based access control (LBAC) for fine-grained data access control. In proposed model, we first obtain the preliminary permissions result by using the original RBAC method. Then, we analyze the difference between the requirements and preliminary result, and we design the embedded polices components based on LBAC for the original framework. Finally, we generate the data access result for row and column by parsing the requirements with authority policies. The proposed model does not invade the original RBAC, and perform the fine-grained data access control, which has begun to be integrated into BlueKing platform. |
| |
| Keywords: | |
| 本文献已被 ScienceDirect 等数据库收录! |
|
