摘要
自动信任协商中,访问控制策略规范了用户访问资源的行为从而保护敏感信息与资源,当策略本身就包含敏感信息时,则策略的暴露会泄露隐私信息;而对策略的敏感信息再次进行保护时,则增加了协商复杂性。针对策略保护的矛盾,提出一种基于规则的自动信任协商模型——RBAM。对策略进行分解,将非敏感策略与域约束归为一类,并使用Agent技术来协商双方的交互,从而达到降低协商复杂度、提高协商效率的目的。
In the Automated Trust Negotiation (ATN), access control policy regulates user's access to resource so as to protect sensitive information and resource. However, access control policy itself may contain sensitive information; its disclosure may result in privacy leakage. And policy's increases enhances the negotiation complexity. In order to handle such a dilemma, a rule-based ATN model, called Rule-Based Automated trust negotiation Model (RBAM), was proposed. RBAM treats all policies as rules, divides them into two parties, and introduces Agent to implement rules, which can reduce the complexity and improve negotiation efficiency.
出处
《计算机应用》
CSCD
北大核心
2008年第1期80-81,84,共3页
journal of Computer Applications
基金
国家社会科学基金资助项目(06BTQ024)
国家重点实验室开放研究基(SKLSE04-018)
湖北省科技攻关项目(2005AA101C43)
关键词
自动信任协商
规则
访问控制策略
认证
授权
Automated Trust Negotiation (ATN)
rule
access control policy
authentication
authorization