An assurance model for access control on cloud computing systems

被引：0

作者：

Li Y. ^{[1
,2
,3
]}

Zhao Y. ^{[2
,3
]}

Guo X. ^{[1
]}

Liu G. ^{[1
]}

机构：

[1] National Secrecy Science and Technology Evaluation Center, Beijing

[2] College of Computer Science, Beijing University of Technology, Beijing

[3] Beijing Key Laboratory of Trusted Computing, Beijing

来源：

| 1600年 / Tsinghua University卷 / 57期

关键词：

Access control; Access control linkage; Assurance model; Cloud computing security;

D O I：

10.16511/j.cnki.qhdxxb.2017.25.017

中图分类号：

学科分类号：

摘要：

An access control points in cloud computing are difficult to link. An assurance model for access control on the whole system was developed based on formal definitions of the access request equivalence relation and the support relation, the analysis formally proves that the assurance algorithm can ensure the credibility of access requests. The implementation methods are given for the network layer, application layer and operating system kernel layer in cloud computing. An access semantic encapsulation shows that the algorithm meets the access control linkage requirements and can ensure the credibility of access requests. © 2017, Tsinghua University Press. All right reserved.

引用

页码：432 / 436

页数：4

共 35 条

[11] Zhao Y., Liu J., Han Z., Et al., The application of information leakage defense model in enterprise intranet security, Journal of Computer Research and Development, 44, 5, pp. 761-767, (2007)
[12] Shi W., Sun Y., Liang H., An adaptable labeling enforcement approach and its correctness for the classical BLP security axioms, Journal of Computer Research and Development, 38, 11, pp. 1366-1372, (2001)
[13] Zheng Z., Cai Y., Shen C., Research on an application class communication security model on operating system security framework, Journal of Computer Research and Development, 42, 2, pp. 322-328, (2005)
[14] Bell D.E., La Padula L.J., Secure Computer System: Unified Exposition and Multics Interpretation, (1977)
[15] Biba K.J., Integrity Considerations for Secure Computer Systems, (1977)
[16] Chadwick D.W., Otenko A., The PERMIS X.509 role based privilege management infrastructure, Future Generation Computer Systems, 19, 2, pp. 277-289, (2003)
[17] Nochta Z., Ebinger P., Abeck S., PAMINA: A certificate based privilege management system, Proceedings of Network and Distributed System Security Symposium Conference, (2002)
[18] Osborn S., Configuring role-based access control to enforce mandatory and discretionary access control policies, ACM Transactions on Information & System Security, 3, 2, pp. 85-106, (2000)
[19] Jansen W.A., A Revised Model for Role-based Access Control, (1998)
[20] Ahn G.J., Role-based Authorization Constraints Specification, (2010)

← 1 2 3 4 →