A Dynamic RBAC Model Based on Multidimensional Trust

doi:10.3969/j.issn.1006-2475.2015.06.002

Abstract

Abstract: Rolebased access control technology has been a widely used authorization method since it was proposed. At the aspect of authorization with trust mechanism, the time characteristic problem is not considered in traditional or improved RBAC model. And the global trust is obtained by simply weighting the trust indicator. This kind of algorithm thinks about problem too simply and can’t well reflect the flexibility of dynamic permission. Aiming at this problem, a dynamic RBAC model based on multidimensional trust is proposed, which is an extension of role management model ARBAC97. The model introduces time characteristic factors to improve the existing calculation method of trust. Besides, it synthetically computes a variety of trust characteristics of users, so as to fulfil flexible and dynamic authorization mechanism. The simulation experiments show that for MDTRBAC the effectiveness of preventing malicious nodes from attacking is superior to the existing models.


CLC Number:

TP206.1

YE Chong-yang， ZHUANG Yi. A Dynamic RBAC Model Based on Multidimensional Trust[J]. Computer and Modernization, doi: 10.3969/j.issn.1006-2475.2015.06.002.

References ［16］

［1］	海波,洪帆. 访问控制模型研究综述［J］. 计算机应用研究, 2005(6):9-11.
［2］	Ferraiolo D F, Sandhu R, Gavrila S, et al. ProPosed NIST standard for rolebased access control［J］. ACM Transasctions on Information and System Security, 2001,4(3):224-274.
［3］	胡建理,吴泉源,周斌,等. 一种基于反馈可信度的分布式P2P信任模型［J］. 软件学报, 2009,20(10):2885-2898.
［4］	邢长友,杨莉,张毓森,等. 一种基于域推荐相似度的P2P信任模型［J］. 东南大学(自然科学版), 2012,42(5):803-807.
［5］	Mui L, Mohtashemi M, Halberstadt A. A computational model of trust and reputation［C］// Proceedings of the 35th Annual Hawaii International Conference on System Sciences. 2002:2431-2439.
［6］	Li N. Discretionary access control［J］. Encyclopedia of Cryptography and Security, 2011:353-356.
［7］	Lindqvist H. Mandatory access control［D］. Umea University, 2006.
［8］	Yuan E, Tong J. Attributed based access control (ABAC) for Web services［C］// 2005 IEEE International Conference on Web Services. 2005:561-569.
［9］	邓集波,洪帆. 基于任务的访问控制模型［J］. 软件学报, 2003,14(1):76-82.
［10］	周文峰,尤军考,何基香. 基于RBAC模型的权限管理系统设计与实现［J］. 微计算机信息, 2006(15):35-36.
［11］	Ferraiolo D F, Cugini J A, Kuhn D R. Rolebased access control (RBAC): Features and motivations［C］// Proceedings of the 11th Annual Computer Security Application Conference. 1995:241-248.
［12］	Park J, Sandhu R. The UCON ABC usage control model［J］. ACM Transactions on Information and System Security, 2004,7(1):128-174.
［13］	苏玮,曾广周. 一种考虑用户可信度的动态RBAC模型［J］. 计算机工程, 2005,31(15):84-86.
［14］	刘武,段海新,张洪,等. TRBAC: 基于信任的访问控制模型［J］. 计算机研究与发展, 2011,48(8):1414-1420.
［15］	裴俐春,陈性元,王婷,等. 一种基于信任度的跨异构域动态认证机制［J］. 计算机应用, 2008,28(6):1382-1384.
［16］	Sandhu R, Bhamidipati V, Munawer Q. The ARBAC97 model for rolebased administration of roles［J］. ACM Transactions on Information and System Security, 1999,2(1):105-135.