Research And Implementation Of Security Policy Management System Based On Multidimensional Attribute Label

With the rapid development of network and application software, more and more information technology and automation facilities have been integrated into daily lives, bringing unprecedented convenience. However, these new information carriers have also raised a number of complex security issues while bringing convenience. Security issues of data transmission in the network have gradually become the focus of attention, especially important data files related to confidential, internal information and sensitive information has become the focus of the focus. At the same time, with the increase of roles and dimensions attached to users, the attribution and dimension information grow exponentially, and the information itself is diversified and isomerized. The complexity of the existing security system cannot be fine-grained control of multi-dimensional users. The access control of user will be more and more complex. The existing security system cannot control the multi-dimensional users in fine-grained manner.Therefore, overcoming and solving rigid, coarse-grained management configuration and other issues of traditional access control system is imminent.Controlling the multi-dimensional attribute information of user and ensuring the integrity, confidentiality, uniqueness and non-repudiation of the internal information are the fundamental of solving the problem.To solve these problems, this paper proposes and designs a security policy management system based on multi-dimensional attribute label, which fully considers the multi-dimension attributes of the user and realizes the fine-grained privilege control of the multi-dimensional label, improving the security and reliability of the system to a certain extent.The main work of this paper consists of the following attributions: (1) A unified naming mechanism of multi-dimensional attribute label realizes the uniqueness of user identity. (2) A security authentication mechanism based on multi-dimensional attribute label realizes the off-line authentication and access control of user's through the authentication server and label server. (3) A secure transmission technology based on multi-dimensional attribute label realizes the decryption and disclosure of important information in the transmission process and ensure the integrity of system resources. (4) Designing a policy matching model based on multi-dimensional attribute label meets the complex dimension characteristics of user diversification and isomerization in a specific environment and achieves flexible and efficient policy matching of user labels. (5) Design an efficient policy matching algorithm for domestic platform meets the requirements of multi-dimensional attribute label matching model and achieves the efficient matching of different strategies.Based on the above designs, this paper builds up the. test environment and verification platform of the system, validates and realizes the function design of each module of the system, tests and evaluates the performance of the system. The detailed functional verification and performance testing result proves the correctness and feasibility of the proposed scheme.