Computer Science ›› 2016, Vol. 43 ›› Issue (1): 166-171. doi: 10.11896/j.issn.1002-137X.2016.01.038

• Information Security •

Research on Privacy Access Control Based on RBAC

ZHANG Xue-ming, HUANG Zhi-qiu and SUN Yi

  1. College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing 210016
  • Online: 2018-12-01 Published: 2018-12-01
  • Funding:
    This work was supported by the National Natural Science Foundation of China (61272083).

Abstract: Role-Based Access Control (RBAC) can be used in Web service privacy protection to control service providers' access to users' private data. When RBAC is applied in privacy scenarios, it lacks the corresponding privacy attributes and therefore cannot precisely describe privacy access control policies. To address this problem, this paper proposes an RBAC-centered privacy access control model and gives a method for ranking the credibility of service providers. Service providers with different credibility ranks are assigned different roles to control their access to sensitive private information. Finally, a specific example verifies the validity and feasibility of the model.

Key words: Role-based access control, Privacy authorization, Credibility, Sensitivity

