| 基于可信度的访问控制模型的设计与分析 |
| |
| 引用本文: | 王玉桥,常朝稳,刘晨,付晓青.基于可信度的访问控制模型的设计与分析[J].计算机安全,2009(9):3-5. |
| |
| 作者姓名: | 王玉桥 常朝稳 刘晨 付晓青 |
| |
| 作者单位: | 1. 信息工程大学,电子技术学院,河南,郑州,450004
2. 信息工程大学,电子技术学院,河南,郑州,450004;西安交通大学,电信学院,陕西,西安,710049 |
| |
| 摘 要: | 针对CAS授权模型的局限性,提出了一种基于认证可信度的访问控制模型。在CAS授权模型中,虚拟组织中的成员通过向服务器添加访问策略达到访问控制的目的。在开放式环境下,由于节点频繁加入或退出,导致服务器开销增大。在基于可信度的访问控制模型中,资源提供方通过向服务器注册信任阎值和信任权重代替访问控制策略,达到控制用户访问的目的。模型既运用了认证机制,同时还考虑到用户的信任度,因而模型具有灵活性和可靠性两个特点。
|
| 关 键 词: | 认证可信度 信任度阈值 访问控制模型 |
Design and Analysis of an Access Control Model Based on Credibility |
| |
| Abstract: | An access control model based on credibility is proposed.Threshold value of credibility and a weight factor are applied in the model,and use Analytic Hierarchy Process(AHP) to analyze the weight of every rule.Providers adjust the threshold value and weight factor instead of changing policies in the server.First the server authenticates the requestor and gives him credibility,then synthesizes the credibility and trustworthiness.If the synthesis of credibility achieves the threshold value,the server gives him.a certificate. The authentication policies and trustworthiness are both used in the model, thus flexibility and robustness are the advantages of this model. |
| |
| Keywords: | Authentication policies threshold of credibility access control model |
| 本文献已被 维普 万方数据 等数据库收录! |
|
