Abstract
In order to solve the problem of access control among different security domains in cloud networks, this paper presents an access control model based on role and trust-degree. The model combines role-based access control and trust-based access control. The role assessment weights are defined based on the user’s role classes, and the trust-degree is calculated according to the role assessment weights and the role’s behavior. In order to increase the accuracy of access control, the model gives the concept and calculation methods of feedback trust-degree. To achieve fine-grained access control, the model introduces direct trust-degree, recommendation trust-degree, and feedback trust-degree, all of which participate in comprehensive trust-degree by adjusting their weights. A simulation experiment was conducted in the LAN environment, and a web system was used to construct an access control model with multisecurity domains in the experiment. The experimental results demonstrate that our model has higher security, expansibility, and flexibility.
Highlights
With the rapid development of network technology and cloud computing, attacks and interactions are becoming more and more frequent; complex network security situation will be more serious
By controlling the access permission of the key resources, access control achieves the protection of system resources, ensuring that all of the main direct entrances to the object are authorized and preventing legitimate users from using illegal access to system resources at the same time
Access control policy is one of the main strategies of network security and the main method to realize data confidentiality and integrity [1]; it has become the important subject in the area of network security
Summary
With the rapid development of network technology and cloud computing, attacks and interactions are becoming more and more frequent; complex network security situation will be more serious. Due to the arbitrariness in users’ privileges transfer, discretionary access control is unable to ensure the security of the system, and it is not conducive to achieving a unified global access control It is easy for the protected information to leak, and it can not resist the Trojan horse attacks in this access control policy [2]. Reference [3] proposed a C/S structure of trust decentralized access control (TDAC) framework: through the client’s temporary monitors and server-side assessment of the primary monitor application access request in the subject contextaware access control to protect private data. The defects of this method are increasing the burden to clients and servers. Reference [5] proposed a comprehensive encryption-based access control framework for the content
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
