期刊文献+

一种支持隐私保护的角色访问控制模型 被引量:2

Role-based Access Control Model for Privacy Protection
下载PDF
导出
摘要 隐私保护是多域间资源共享、协同合作的关键性安全问题。在分析现有访问控制模型隐私泄漏问题的基础上,提出了一种支持隐私保护的角色访问控制模型。该模型以基于身份的密码体制为基础,避免了传统角色访问控制模型的诸多弊端,实现了多域环境下的隐私保护,并利用随机预言模型对该模型的安全性进行了详细的分析和证明。分析表明该模型满足IND-CCA2语义安全。通过实验仿真表明该模型具有较好的实用性。 Privacy preservation is a vital problem to share resource and collaboration among multi-domains. We analyzed the privacy leakage problems of current access control models, and then proposed a role-based access control model supporting privacy preservation. The model is based on identify-based encryption, avoiding a number of drawbacks in traditional role-based access model and making privacy preservation among rnulti-domains come true. Finally, we analyzed and certificated the security of the model in details by random oracle, and the model meets the IND-CCA2 mantle security. According to the simulation, the method is a practical model.
出处 《计算机科学》 CSCD 北大核心 2010年第6期46-50,121,共6页 Computer Science
基金 国家自然科学基金(90715029) 湖南省自然科学基金(09JJ5045)资助
关键词 访问控制 隐私保护 基于身份的加密 策略表达式 随机预言模型 Access control,Privacy protection,Identify-based encryption,Police expression,Random oracle
  • 相关文献

参考文献16

  • 1Gong L, Qian X. Computational Issues in Secure Interoperatign [J].IEEE Transactions on Software Engineering, 1996,22 (1): 43-52.
  • 2Ajayi O, Sinnott R, Stell A. Trust Realisation in Multi-domain Collaborative Environments[C]//Proceedings of the 6th IEEE/ ACIS International Conference on Computer and Information Science (ICIS'07). Melbourne, Australia, 2007: 906-911.
  • 3夏鲁宁,荆继武.一种基于层次命名空间的RBAC管理模型[J].计算机研究与发展,2007,44(12):2020-2027. 被引量:12
  • 4杨秋伟,洪帆,杨木祥,朱贤.基于角色访问控制管理模型的安全性分析[J].软件学报,2006,17(8):1804-1810. 被引量:38
  • 5Snyder L. Formal Models of Capability-based Protection Systems[J]. IEEE Transactions on Computers, 1981,30(3) : 172-181.
  • 6Winsborough W H, Seamons K E,Jones V E. Automate trust negotiation[C]//DARPA Information Survivability Conf. and Exposition 2000: 88-102.
  • 7Li Ninghui, Winsborough W H, Mitchell J C. Beyond Proof-of- Compliance:Safety and Availability Analysis in Trust Management[C]//Proceedings of IEEE Symposium on Security and Privacy. 2003 : 123-139.
  • 8Irwin K, Yu Ting. Preventing Attribute Information Leakage in Automated Trust Negotiation[C]//Proceedings of the 12th ACM Conference on Computer and Communications Security. 2005 : 36-45.
  • 9廖振松,金海,李赤松,邹德清.自动信任协商及其发展趋势[J].软件学报,2006,17(9):1933-1948. 被引量:52
  • 10Li N,Du W,Boneh D. Oblivious signature-based envelope[C]// Proceedings of the 22nd ACM Symposium on Principles of Distributed Computing (PODC 2003). 2003:182-189.

二级参考文献30

  • 1龙勤,刘鹏,潘爱民.基于角色的扩展可管理访问控制模型研究与实现[J].计算机研究与发展,2005,42(5):868-876. 被引量:26
  • 2徐震,李斓,冯登国.基于角色的受限委托模型[J].软件学报,2005,16(5):970-978. 被引量:52
  • 3杨秋伟,洪帆,杨木祥,朱贤.基于角色访问控制管理模型的安全性分析[J].软件学报,2006,17(8):1804-1810. 被引量:38
  • 4Sandhu R,Bhamidipati V,Munawer Q.The ARBAC97 model for role-based administration of roles.ACM Trans.on Information and Systems Security (TISSEC),1999,2(1):105-135.
  • 5Oh S,Sandhu R.A model for role administration using organization structure.In:Sandhu R,Bertino E,eds.Proc.of the 6th ACM Symp.on Access Control Models and Technologies (SACMAT 2002).Monterey:ACM Press,2002.155-162.
  • 6Crampton J,Loizou G.Administrative scope:A foundation for role-based administrative models.ACM Trans.on Information and System Security (TISSEC),2003,6(2):201-231.
  • 7Sandhu R,Coyne EJ,Feinstein HL,Youman CE.Role-Based access control models.IEEE Computer,1996,29(2):38-47.
  • 8Sandhu R.Rationale for the RBAC96 family of access control models.In:Youman C,Sandhu R,Coyne E,eds.Proc.of the 1st ACM Workshop on Role-Based Access Control.New York:ACM Press,1996.38-47.
  • 9Hong F,He XB,Xu ZY.Role-Based access control.Mini-micro system,2000,21(2):198-200 (in Chinese with English abstract).
  • 10Harrison MA,Ruzzo WL,Ullman JD.Protection in operation systems.Communications of the ACM,1976,19(8):461-471.

共引文献98

同被引文献26

  • 1吴景阳,毋国庆.一种通用中间件安全模型及形式化描述[J].计算机工程与科学,2006,28(1):112-114. 被引量:3
  • 2李建欣,怀进鹏,李先贤.自动信任协商研究[J].软件学报,2006,17(1):124-133. 被引量:52
  • 3傅鹤岗,李竞.基于属性的Web服务访问控制模型[J].计算机科学,2007,34(5):111-114. 被引量:11
  • 4Hay M, Miklau G, Jensen D, et al. Anonymizing social networks [R]. 07-19. University of Massachusetts Amherst, 2007.
  • 5Liu K, Terzi E. Towards identity anonymization on graphs [C]// Proceedings of the 2008 ACM SIGMOD International Conference on Management of Data (SIGMOD' 08). New York, NY, USA, ACM Press, 2008 : 93.
  • 6Liu Kun, Das K, Grandison T, et al. Privacy preserving data analysis on graphs and social networks[C]//Kargupta H, Han J, Yu P, et al. , eds. Nexteneration Data Mining. CRC Press, 2008.
  • 7Zheleva E,Getoor L. Preserving the privacy of sensitive relationships in graph data[C]//Proeeedings of the 1st ACM SIGKDD Workshop on Privacy, Security, and Trust in KDD(PinKDD' 07). 20071153-171.
  • 8Han Jia-wei, Kamber M, Data Ming. Concepts and Techniques(第二版)[M].范明,阵小峰,译.北京:机械:工业出版社,2007:255-259.
  • 9Zhou Bin, Pei J ian, Luk W-S. A Brief Survey on Anonymization Techniques for Privacy Preserving Publishing of Social Network Data[J]. ACM SIGKDD Explorations, ACM Press, 2008, 10 (2) : 12-22.
  • 10Zhou B, Pei J. Preserving Privacy in Social Networks against Neighborhood Attacks[C]//IEEE International Conference on Data Engineering(ICDE). 2008 : 506-515.

引证文献2

二级引证文献15

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部