| With the rapid development and wide application of Internet, the access control is of great importance in people's daily life. To find a suitable and secure access control model has become a hot topic in related research field. General access control models are as follows: Dynamic Access Control (DAC), Mandatory Access Control (MAC), Role-based Access Control (RBAC) and Attribute-based Access Control. Compared with traditional access control models, RBAC has improved in some aspects such as role definition, but it still have disadvantages under complex network environment, such as fine-grained role-division and access policy management.This thesis proposes a new role-centric hybrid attribute based access control model which is called HABAC model. HABAC model is based on RBAC model. In order to be adopted by complicated access controls, HABAC integrates users'attributes with corresponding roles in RBAC96. In this thesis, the RBAC96 model is presented first, and then the HABAC model is described in details both in theory and equivalence proofs. A general decision algorithm is then given based on a refined model. Finally, the thesis demonstrates an application on HABAC model.ABE Algorithm is well applied in attribute-based access control. After discussing the adavantages and drawbacks of KP-ABE and CP-ABE algorithm, we propose a well-suitable algorithm for HABAC model. This paper first analyzes the efficiency and security of the scheme. Then we implement the algorithm of HABAC model under Linux. Furthermore, we proved the availability and superiority of our HABAC model compared with RRBAC96 model and analyzed its efficiency. |
PDF Full Text Request