计算机科学 ›› 2016, Vol. 43 ›› Issue (8): 131-136.doi: 10.11896/j.issn.1002-137X.2016.08.028
郑高山,应时,吴睿
ZHENG Gao-shan, YING Shi and WU Rui
摘要: 在应用软件中广泛使用的访问控制模型不能根据用户上下文来动态改变资源的访问权限。针对上述问题提出一种基于语义技术的访问控制方法,实现了对用户的动态授权。提出基于语义信息的用户模型和资源模型并构建面向用户模型和资源模型的基础本体,定义一组与访问控制相关的语义规则及推理规则,并设计基于语义推理过程的判定算法。访问控制过程是接收并分析访问请求,根据语义规则从显示的本体知识中获取相关联的用户信息,调用判定算法得出用户与资源间的访问权限关系。最后通过某综合减灾应用系统案例来验证该方法的有效性。
[1] Li Feng-hua,Su Mang,Shi Guo-zhen,et al.R-esearch Status and Development Trends of Access C-ontrol Model[J].Acta Electronica Sinica,2012,0(4):805-813(in Chinese) 李凤华,苏铓,史国振,等.访问控制模型研究进展及发展趋势[J].电子学报,2012,40(4):805-813 [2] Sandhu R S,Coyne E J.Role-based access control models[J].Computer,1996,29(2):38-47 [3] Sandhu R,Bhamidipati V,Munawer Q.The ARBAC97 model for role-based administration of roles[J].Acm Transactions on Information & System Security,1999,2(1):105-135 [4] Munawer Q,Sandhu R.The ARBAC99 Model for Administration of Roles[C] ∥Computer Security Applications Conference,Annual.IEEE Computer Society,1999:229-238 [5] Oh S,Sandhu R.A model for role administration using organization structure[C]∥Proceedings of the Seventh ACM Symposiumon Access Control Models and Technologies.ACM,2002:155-162 [6] Alotaiby F T,Chen J X.A Model for Team-based Access Control[C]∥International Conference on Information Technology:Coding & Computing.IEEE Computer Society,2004:450-454 [7] Periorellis P,Parastatidis S.Task-Based Access Control for Virtual Organizations[M]∥Scientific Engineering of Distributed Java Applications.Springer Berlin Heidelberg,2005:38-47 [8] Cao Chun,Ma Xiao-xing,Lv Jian.SCoAC:A Service Computing Oriented Access Control Model[J].Chinese Journal of Compu-ters,2006,29(7):1209-1216(in Chinese) 曹春,马晓星,吕建.SCoAC:一个面向服务计算的访问控制模[J].计算机学报,2006,29(7):1209-1216 [9] Chowdhury M M R,Noll J.A social relation aware semantic access control[C]∥12th International Conference on Computers and Information Technology,2009(ICCIT 039;09).IEEE,2009:139-144 [10] He Z,Wu L,Li H,et al.Semantics-based Access Control Approach for Web Service[J].Journal of Computers,2011,6(6):1152-1161 [11] Kayes A S M,Han J,et al.A Semantic Policy Framework for Context-Aware Access Control Applications[C]∥2013 12th IEEE International Conference on Trust,Security and Privacy in Computing and Communications (TrustCom).IEEE,2013:753-762 [12] Kayes A S M,Han J,Colman A.An Ontology-Based Approach to Context-Aware Access Control for Software Services[C]∥The International Conference on Web Information System Engineering(WISE).2013:410-420 [13] World Wide Web Consortium.SWRL:A Semantic Web RuleLang-uage Combining OWL and RuleML[EB/OL].http://www.w3.org/Submission/SWRL |
No related articles found! |
|