Research And Application Of TRUCON And TRBAC Model

The development of Internet makes the efficient sharing of information resource much more convenient, which also brings a challenge to network security. The increasingly obvious dynamic of network security makes the traditional centralized, static network security system unsuitable to modern environment. So it is necessary to study the access control model for open network environment to meet the access control needs of network environment. Providing a suitable access control mechanism for business needs will make the increasingly large and complex enterprise network information system more secure. This paper researches how to solve the access control issues in the enterprise environment.Firstly, this paper analyses some typical access control models in detail, and compares the advantages, disadvantages and limitation of these access control models for the demand of complex enterprise environment and the higher access control.Secondly, based on the classification of task, the improved TRBAC model is proposed. On the basis of the features of task, TRBAC makes a security strategy through the refinement of task, solving diversity needs of access control strategies in the business environment. By clear management model and the hierarchical model based task, this paper makes TRBAC convenient for authorization and simplifies the security management. The constraint management of TRBAC effectively solves conflict problems of model, and meets the basic principles of access control, enhancing the model greatly in security aspect. Also, this paper discusses the realization means of rights and access control in TRBAC.Thirdly, based on the improved TRBAC model and aiming at features of abstract definition, complex realization, uneasy management of UCON_abc model, this paper organically combines TRBAC model and the UCON_abc model together, proposing a new manageable usage control model called TRUCON model. Next, this paper gives the formal definition of TRUCON model, discusses its management methods, so that the model has strong self-management capabilities. This paper particularly studies several applications of the TRUCON model in the enterprise environment, and designs and realizes the access control system based on the TRUCON model.TRUCON model not only meets diversity, flexibility and expansibility needs of access control policy configuration in the open network environment, but also effectively controls the continuity and the dynamic of the implementation of the strategy.