| With the development of computer technology and network, computer security becomes more and more important. How to avoid access without authorization when realizing the security of resource sharing, multi-security cooperation is very important. Access control is one of the key points. Traditional access control roots single domain system. Directly using it in complex multi-domain network environment lots of security problems will appear. For the purpose of solving the problem of access with authorization, several expansion models of traditional access control technology appeared, and then the concept of trust management and automatic was raised.Identity-based access control is not sufficient because user need pre-register to gain access to a system. Authorization-based access control submits authorization information when building trust service while identity-based access control submitting identity information. Authorization-based access control makes the system have better security and haleness.Automatic trust negotiation let recourse suppliers and requesters build trust relation through interactive disclosure of trust certificates, access control strategy interactive disclosure. The sensitive recourses of trust negotiation systems include content-sensitive and possession-sensitive. The protection of trust certificates' possession-sensitive need to expand the trust certificates, disclose the head information and cooperate with digital Signature to prove source. The content of the certificates must use private attribute to process hidden protection. Set up a trust negotiation prototype system based on HTTPS; describe the access control strategies, negotiation process, negotiation protocols. Then present a trust negotiation model, raise out the model framework and analyze the model working flow. This model can realize the automatic building of trust between different domains and satisfy the demand of protecting users' privacies access control strategy. |
PDF Full Text Request