Computer Science

Computer Science ›› 2018, Vol. 45 ›› Issue (7): 129-134.doi: 10.11896/j.issn.1002-137X.2018.07.021

• Information Security • Previous Articles     Next Articles

Role Matching Access Control Model for Distributed Workflow

HE Si-yuan, OU Bo, LIAO Xin   

  1. College of Computer Science and Electronic Engineering,Hunan University,Changsha 410082,China
  • Received:2017-02-21 Online:2018-07-30 Published:2018-07-30

PDF (PC)

582

Abstract: In the distributed workflow,it is required to assign the users with appropriate roles for the security concerns.This paper proposed a role matching access control model under distributed workflow environment to address the optimal role matching problem for a given authorization.According to different tasks of workflow,the model can find a set or multiple sets of roles with relevant executive authority from the system role,and then optimize the role matching by considering the reference environment,time constraints and the inheritance relationship among the roles.The experimental results show that the model can eliminate redundant roles,and assign a set of minimum set of roles for users,thus achieving the role matching optimization.

Key words: Access control, Distributed workflow, Environment and time constraints, Role matching

CLC Number: 

  • TP309.2
[1]WANG Y D,YANG J H,XU C,et al.Survey on Access Control Technologies for Cloud Computing.Journal of Software,2015,26(5):1129-1150.(in Chinese)
王于丁,杨家海,徐聪,等.云计算访问控制技术研究综述.软件学报,2015,26(5):1129-1150.
[2]FENG C S,QIN Z G,YUAN D,et al.Key Techniques of Access Control for Cloud Computing .Acta Electronica Sinica,2015,43(2):312-319.(in Chinese)
冯朝胜,秦志光,袁丁,等.云计算环境下访问控制关键技术.电子学报,2015,43(2):312-319.
[3]LI F H,SU M,SHI Z G,et al.Research Status and Development Trends of Access Control Model .Acta Electronica Sinica,2012,40(4):805-813.(in Chinese)
李凤华,苏铓,史振国,等.访问控制模型研究进展及发展趋势.电子学报,2012,40(4):805-813.
[4]LI N.Discretionary access control∥Encyclopedia of Cryptography and Security.Springer US,2011:353-356.
[5]HAN D J,GAO J,ZHAI H L,et al.Research Development of Access Control Model .Computer Science,2010,37(11):29-33.(in Chinese)
韩道军,高洁,翟浩良,等.访问控制模型研究进展.计算机科学,2010,37(11):29-33.
[6]UPADHYAYA S.Mandatory Access Control∥Encyclopedia of Cryptography and Security.Springer US,2011:756-758.
[7]SANDHU R S,COYNE E J,FEINSTEIN H L,et al.Role-based Access Control Models .Computer,1996,29(2):38-47.
[8]ZHANG X M,HUANG Z Q,SUN Y.Research on Privacy Access Control Based on RBAC .Computer Science,2016,43(1):166-171.(in Chinese)
张学明,黄志球,孙艺.基于RBAC的隐私访问控制研究.计算机科学,2016,43(1):166-171.
[9]WANG X W,ZHAO Y M.A Task-role-based Access ControlModel for Cloud Computing .Computer Engineering,2012,38(24):9-13.(in Chinese)
王小威,赵一鸣.一种基于任务角色的云计算访问控制模型.计算机工程,2012,38(24):9-13.
[10]SEJONG O,SEOG P.Task-role-based Access Control Model.Information System,2003,28(6):533-562.
[11]WANG J Y,FENG L X,ZHENG X F,et al.Research Status and Development Trends of Access Control Model .Journal of Central South University(Science and Technology),2015,46(6):2090-2097.(in Chinese)
王静宇,冯黎晓,郑雪峰.一种面向云计算环境的属性访问控制模型.中南大学学报(自然科学版),2015,46(6):2090-2097.
[12]LI F H,WANG W,MA J F,et al.Action-based Access Control Model and Administration of Actions .Acta Electronica Sinica,2008,36(10):1881-1890.(in Chinese)
李凤华,王巍,马建峰,等.基于行为的访问控制模型及其行为管理.电子学报,2008,36(10):1881-1890.
[13]SU M,LI F H,SHI G Z.Action-based Multilevel Access Control Model .Journal of Computer Research and Document,2014,51(7):1604-1613.(in Chinese)
苏铓,李凤华,史国振.基于行为的多级访问控制模型.计算机研究与发展,2014,51(7):1604-1613.
[14]LANG B.Access Control Oriented Quantified Trust DegreeRepresentation Model for Distributed Systems .Journal on Communications,2010,31(12):45-54.(in Chinese)
郎波.面向分布式系统访问控制的信任度量化模型.通信学报,2010,31(12):45-54.
[15]FU X,XU S,ZHOU D M.Research on Trust-based AccessControl Model in Cloud Computing Environment .Computer Technology and Development,2015,25(9):139-143.(in Chinese)
付雄,徐松,周代明.云计算环境下基于信任的访问控制模型研究.计算机技术与发展,2015,25(9):139-143.
[16]DU S,JOSHI J B D.Supporting Authorization Query and Inter-domain Role Mapping in Presence of Hybrid Role Hierarchy[C]∥Proceedings of the 11th ACM Symposium on Access Control Models and Technologies.New York:ACM,2006:228-236.
[17]YANG L,TANG Z,LI R F,et al.Roles Query Algorithm in Cloud Computing Environment Based on User Require .Journal on Communications,2011,32(7):169-175.(in Chinese)
杨柳,唐卓,李仁发,等.云计算环境中基于用户访问需求的角色查找算法.通信学报,2011,32(7):169-175.
[18]ZHANG Y,JOSHI J B D.Uaq:A Framework for User Authorization Query Processing in RBAC Extended with Hybrid Hie-rarchy and Constraints[C]∥Proceedings of the 13th ACM Symposium on Access Control Models and Technologies.New York:ACM,2008:83-92.
[19]LU J,JOSHI J B D,JIN L,et al.Towards Complexity Analysis of User Authorization Query Problem in RBAC .Computers &Security,2015,48(C):116-130.
[1] GUO Peng-jun, ZHANG Jing-zhou, YANG Yuan-fan, YANG Shen-xiang. Study on Wireless Communication Network Architecture and Access Control Algorithm in Aircraft [J]. Computer Science, 2022, 49(9): 268-274.
[2] YANG Zhen, HUANG Song, ZHENG Chang-you. Study on Crowdsourced Testing Intellectual Property Protection Technology Based on Blockchain and Improved CP-ABE [J]. Computer Science, 2022, 49(5): 325-332.
[3] GUO Xian, WANG Yu-yue, FENG Tao, CAO Lai-cheng, JIANG Yong-bo, ZHANG Di. Blockchain-based Role-Delegation Access Control for Industrial Control System [J]. Computer Science, 2021, 48(9): 306-316.
[4] CHENG Xue-lin, YANG Xiao-hu, ZHUO Chong-kui. Research and Implementation of Data Authority Control Model Based on Organization [J]. Computer Science, 2021, 48(6A): 558-562.
[5] PAN Rui-jie, WANG Gao-cai, HUANG Heng-yi. Attribute Access Control Based on Dynamic User Trust in Cloud Computing [J]. Computer Science, 2021, 48(5): 313-319.
[6] CAO Meng, YU Yang, LIANG Ying, SHI Hong-zhou. Key Technologies and Development Trends of Big Data Trade Based on Blockchain [J]. Computer Science, 2021, 48(11A): 184-190.
[7] HE Heng, JIANG Jun-jun, FENG Ke, LI Peng, XU Fang-fang. Efficient Multi-keyword Retrieval Scheme Based on Attribute Encryption in Multi-cloud Environment [J]. Computer Science, 2021, 48(11A): 576-584.
[8] XU Kun, FU Yin-jin, CHEN Wei-wei, ZHANG Ya-nan. Research Progress on Blockchain-based Cloud Storage Security Mechanism [J]. Computer Science, 2021, 48(11): 102-115.
[9] WANG Jing-yu, LIU Si-rui. Research Progress on Risk Access Control [J]. Computer Science, 2020, 47(7): 56-65.
[10] GU Rong-Jie, WU Zhi-ping and SHI Huan. New Approach for Graded and Classified Cloud Data Access Control for Public Security Based on TFR Model [J]. Computer Science, 2020, 47(6A): 400-403.
[11] PAN Heng, LI Jing feng, MA Jun hu. Role Dynamic Adjustment Algorithm for Resisting Insider Threat [J]. Computer Science, 2020, 47(5): 313-318.
[12] WANG Hui, LIU Yu-xiang, CAO Shun-xiang, ZHOU Ming-ming. Medical Data Storage Mechanism Integrating Blockchain Technology [J]. Computer Science, 2020, 47(4): 285-291.
[13] TU Yuan-fei,ZHANG Cheng-zhen. Secure and Efficient Electronic Health Records for Cloud [J]. Computer Science, 2020, 47(2): 294-299.
[14] QIAO Mao,QIN Ling. AB-ACCS Scheme for Revocation of Efficient Attributes in Cloud Storage Services [J]. Computer Science, 2019, 46(7): 96-101.
[15] WU Dai-yue, LI Qiang, YU Xiang, HUANG Hai-jun. Client Puzzle Based Access Control Model in Public Blockchain [J]. Computer Science, 2019, 46(4): 129-136.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.