Title: Research on Access Control Models in New Network Environment (新型网络环境中访问控制模型的研究)
Author: 张宏 (Zhang Hong)
Degree: Doctor (PhD)
Defense date: 2008-01-15
Degree-granting institution: Institute of Software, Chinese Academy of Sciences
Place granted: Institute of Software
Keywords: new network environments; access control; access control models; formal analysis
Alternative title (English): Research on Access Control Models in New Network Environment
Abstract (translated from the Chinese): With the spread and rapid development of technologies such as grid computing, P2P and wireless communication networks, access control technology has made considerable progress while also facing great challenges. How to build a secure, flexible and extensible access control model is a problem that access control technology urgently needs to solve in this new network environment. Focusing on the access control requirements of this environment, this dissertation studies several key technologies in the field of access control models from four perspectives: delegation models, location-based access control models, dynamic trust evaluation models in P2P environments, and formal analysis of access control models. The main results are as follows. First, based on an analysis of the periodic-time-based access control model proposed by Bertino et al., it is pointed out that although the model can clearly express the time range in which an access permission applies, it imposes no constraints on how users who already hold a permission use and propagate it, making it difficult to enforce a permission delegation security policy. To address this deficiency, we discuss constraints on user-to-user delegation of access permissions, formally model the temporary nature, temporal dependency and limited propagation of permission delegation, and give a formal definition of the periodic-time-based discretionary delegation model PDACDM together with a proof of its consistency. Second, based on an analysis of previous work on various kinds of context, a spatial-context-dependent access control model, SC-RBAC, is presented in formal mathematical language. The model uses a hierarchical location model to model spatial objects, uses logical locations to express positions at different granularities, introduces the concepts of spatial role and effective session role, proves that the set of hierarchical spatial roles can mathematically form a lattice for enforcing multi-level security and Chinese Wall policies, proposes three kinds of spatial constraints, adapts and improves the security properties of RBAC itself, proposes some new security invariants, proves the basic security theorem of the model, and gives a simple application example. This result lays a theoretical foundation for solving access control problems in wireless mobile networks. Third, the main factors to be considered when designing a trust evaluation model for a P2P environment, such as time and system stability, are identified. The shortcomings of existing P2P trust models in identifying dishonest feedback, preventing the strategic dynamic behaviour changes of malicious nodes, computing similarity between nodes, and providing incentive mechanisms are analysed in depth. A time-window-based dynamic trust evaluation model, TWTrust, is presented that treats the relationships among trust, reputation and incentive in a unified way. Simulation results show that the model achieves considerable improvement in performance metrics such as trust computation error and transaction failure rate, and handles well the strategic dynamic behaviour changes of malicious nodes, attacks on the system through dishonest feedback, and the sparseness problem in similarity computation. This trust model is expected to simplify the implementation of access control in P2P settings. Fourth, after an in-depth analysis and comparison of the formal methods and proof tools currently available for specifying and verifying access control models, the Isabelle proof system, chosen for its strong proving capability, is used to formally analyse the spatial-context-aware SC-RBAC model; a method for formally specifying the properties and rules of SC-RBAC in the Isabelle language is summarised, and a practical approach to proving the internal consistency and correctness of the model specification with the Isabelle system is studied.
Abstract (English): Along with the rapid development of grid, P2P and wireless communication networks, access control technology has made great progress. However, it is confronted with great challenges. How to build an access control model with security, flexibility and extensibility is a subject that urgently needs to be solved in the new network environment. In this dissertation, research on the key technologies of access control models is conducted from four perspectives: delegation models, location-based access control models, dynamic trust evaluation models in P2P systems, and formal analysis of access control models. As a result, four principal achievements have been obtained. First, based on an analysis of Bertino's work, which introduces a periodic-time-based access control model, it is shown that the model can clearly express the applicable time interval of an access permission, whereas it is incapable of placing any constraints on how users use and grant their own permissions and incapable of pursuing a secure permission-delegation policy. To solve this problem, user-to-user permission-level delegation constraints are discussed. Temporary constraints, temporal dependency constraints and limited propagation constraints are modeled. A formal discretionary delegation model, PDACDM, is presented and a proof of its consistency is given. Second, with the study of previous research work and various contexts, a formal model for access control supporting spatial context, called SC-RBAC, is presented in mathematical language. This model relies on a hierarchical location model to model spatial objects, adopts logical locations to represent positions at different granularities, introduces the concepts of spatial role and effective session role, and shows that the set of hierarchical spatial roles can form a lattice to enforce multi-level security policy and Chinese Wall policy. It also proposes three kinds of spatial constraints, improves the security properties of RBAC, presents some new security invariants and proves its basic security theorem. An overall example is given. These efforts provide the theoretical foundation for access control in the field of wireless communication networks. Third, it points out that some major factors, such as time and system stability, should be considered when designing a trust model for P2P networks. It shows that the existing trust models in P2P networks do not provide adequate support for coping with dishonest feedback and the strategically altering behaviors of malicious peers, or for dealing with the computation of similarity and the incentive problem. To solve these issues, a time-window-based dynamic trust model called TWTrust is presented. This model studies the connection between trust, reputation and incentive. Experimental results show that TWTrust has advantages in countering the strategically altering behavior and dishonest feedback of malicious peers and in solving the sparseness problem in the computation of similarity. It is more effective in trust computation error and transaction failure rate than previous models. These efforts will simplify the procedure for access control in P2P circumstances. Fourth, based on an analysis and comparison of current formal methods and tools suitable for the specification and verification of access control models, the powerful Isabelle system is selected for formal analysis of the SC-RBAC model. A method to formally specify the properties and rules of the SC-RBAC model in the Isabelle language is concluded, and an approach to demonstrating the internal consistency and correctness of the model with the Isabelle system is researched.
Language: Chinese
Public release date: 2011-03-17
Pages: 160
Content type: Dissertation
Source URL: http://124.16.136.157/handle/311060/6244
Collection: Institute of Software _ National Engineering Research Center for Fundamental Software _ Dissertations
Recommended citation
GB/T 7714
张宏 (Zhang Hong). Research on Access Control Models in New Network Environment (新型网络环境中访问控制模型的研究) [D]. Institute of Software, Chinese Academy of Sciences, 2008.