
Distributed Access Control Model Over Multi-Trust Domain

Posted on: 2010-04-17
Degree: Master
Type: Thesis
Country: China
Candidate: X Y Li
Full Text: PDF
GTID: 2178360278968531
Subject: Computer software and theory
Abstract/Summary:
With the progress of informatization, government departments and enterprises have established their own single trust domains (a domain governed by one security policy) and developed their own application systems according to their business requirements. At the same time, the application of information technology makes the demand for interoperation and information sharing among these single trust domains increasingly pressing. In today's highly dynamic, heterogeneous and distributed information systems, it is necessary to realize secure information sharing and interoperation across multiple trust domains, beyond the restrictions of any single domain.

This thesis investigates two kinds of models for multi-domain authentication and authorization systems: the gateway-based model and the distributed model. We analyse the basic idea of the IRBAC 2000 (Interoperability Role Based Access Control) model and its strategy for dynamic role mapping among domains, and point out several existing problems: (1) it violates the principle of separation of duty during role mapping among multiple trust domains; (2) it does not consider how to process related roles when a role enters or exits; (3) it suffers from role infiltration and covert promotion when roles shuttle among domains.

To solve these problems, this thesis proposes the MTD-IGRBAC (Multi-Trust Domain - Interoperability Granular Role Based Access Control) model and describes the relationships among its elements and its access control strategy. We apply the MTD-IGRBAC model to the security subsystem of the electric power load forecasting system in Jinhua, which simplifies multi-trust-domain authorization management.

The application shows that the proposed model can realize secure access control among multiple trust domains. The main contributions are as follows:

(1) A G-RBAC model is proposed, which granulates permissions and roles and introduces time and context factors into permission granularity and role granularity. It solves the problem of minimum authorization and realizes the separation of duty principle properly.

(2) A trust-level computing model is introduced, which solves the problem of anonymous authorization in access control for open environments and enhances the flexibility of authorization management.

(3) The MTD-IGRBAC model is proposed, based on the G-RBAC model and the trust-level computing model. With the introduction of trust-level computing and granular logical reasoning, dynamic authorization in the MTD-IGRBAC model is realized, and the problems of processing related roles when a role changes (enters or exits), and of role infiltration and implicit promotion when a role shuttles to other domains, are properly resolved. Safe and flexible collaboration among multiple trust domains is thus made possible.
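As an added illustration (not code from the thesis), the following Python sketch models two of the IRBAC 2000 weaknesses named above: a cross-domain mapping chain that returns a user to the home domain with a role they were never assigned locally (covert promotion / role infiltration), and a separation-of-duty pair that is only violated once mapped roles are counted. The domains A and B, their role hierarchies, SoD pairs and mappings are constructed sample data.

```python
# Added example, not the thesis's code: constructed two-domain policy with a
# mapping cycle (A:viewer -> B:staff -> A:operator) to illustrate covert promotion.
HIERARCHY = {  # role -> junior roles it inherits, per domain
    "A": {"admin": {"operator"}, "operator": {"viewer"}, "viewer": set(), "auditor": set()},
    "B": {"manager": {"staff"}, "staff": set(), "auditor": set()},
}
SOD = {  # static separation-of-duty pairs no single user may hold together
    "A": {frozenset({"operator", "auditor"})},
    "B": {frozenset({"staff", "auditor"})},
}
MAPPINGS = {  # (domain, role) -> set of (foreign domain, foreign role)
    ("A", "viewer"): {("B", "staff")},
    ("B", "staff"): {("A", "operator")},
    ("A", "auditor"): {("B", "auditor")},
}

def closure_in_domain(domain, roles):
    """All roles implied inside one domain by its role hierarchy."""
    result, stack = set(), list(roles)
    while stack:
        r = stack.pop()
        if r not in result:
            result.add(r)
            stack.extend(HIERARCHY[domain][r])
    return result

def effective_roles(home, roles):
    """(domain, role) pairs reachable from a home assignment via hierarchy and mappings."""
    reached, stack = set(), [(home, r) for r in roles]
    while stack:
        d, r = stack.pop()
        for rr in closure_in_domain(d, {r}):
            if (d, rr) not in reached:
                reached.add((d, rr))
                stack.extend(MAPPINGS.get((d, rr), ()))
    return reached

def find_violations(home, roles):
    """Report home-domain roles gained only through foreign mappings (covert
    promotion) and SoD pairs that end up co-held in any domain."""
    eff, issues = effective_roles(home, roles), []
    local = closure_in_domain(home, roles)
    for d, r in sorted(eff):
        if d == home and r not in local:
            issues.append(f"covert promotion: {home}:{r}")
    for d, pairs in SOD.items():
        held = {r for dd, r in eff if dd == d}
        issues += [f"SoD violation in {d}: {sorted(p)}" for p in pairs if p <= held]
    return sorted(issues)
```

Running `find_violations("A", {"viewer"})` flags that a plain viewer in A becomes an operator in A by way of B, which is exactly the kind of check a mapping policy must run before each role shuttle is admitted.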
Keywords/Search Tags: MTD-IGRBAC, Access Control, PMI/PKI, Multi-Trust Domain, Role Granular/Permission Granular, Trust level