论文部分内容阅读
针对开放网络环境下重要信息系统资源高安全等级的访问控制需求,提出一种基于环境度量和行为评估的访问控制模型,该模型基于环境信任度对终端计算环境进行安全分级,基于多实体贝叶斯网络综合用户行为的多种属性对用户行为实施动态评估,整合了环境可信度和行为模式、资源访问、系统运行状态等行为表现属性,能较全面地对用户行为进行评估;模型采用条件规则和授权规则相结合的安全规则,实现对资源访问行为动态的访问控制.与现有的模型相比,提出的访问控制模型能够更好地适应环境的多变性和用户行为的复杂性,信任评价方法更具有可计算性和合理性.
Aiming at the requirement of access control with high security level of important information system resources in open network environment, this paper proposes an access control model based on environment metrics and behavior assessment. This model classifies the terminal computing environment based on environment trust. Based on multi- Sri Lanka network user behavior of a variety of dynamic assessment of user behavior to implement the dynamic integration of environmental credibility and behavior patterns, resource access, system performance status and other performance attributes can be more comprehensive assessment of user behavior; model using conditions Rules and authorization rules to achieve the dynamic access control of resource access behavior.Compared with the existing models, the proposed access control model can better adapt to the variability of environment and the complexity of user behavior, trust The evaluation method is more computable and reasonable.