Study On Trust Constraint-based Access Control Model In Open Environment

In the open environment, information resources is large and complex,people hope to enjoy computing power and information services no difficultyand transparent whenever and wherever possible. Terminals require frequentinteraction in collaborative way to complete a specific service. However,traditional access control model can not meet the dynamic and openrequirement and easily lead to security risks like privacy loss problems. Toaddress this issue, research on access control model take two ways: trustconstraints and constraints consistent maintain in this paper.Based on the analysis of role-based access control model and requirementsin open environment, a trust constraint-based access control model (TrustConstraints-Based Access Control, TCBAC) is structured by extending RBACmodel with integrate trust level elements and add trust constraints. The modelsatisfies the principle of least privilege, and gain better fine-grained anddynamic characteristics compare with RBAC model, suitable for openenvironment with frequent change of system users and impossible to obtainthe user’s identity in advance in the open environment. To meet the trustmeasurement needs, through integration of rewards and punishments strategy,security classification strategy and introduction of trend forecasting strategy,an algorithm with lightweight and dynamic features is proposed. Simulationresults indicate the algorithm can better resist external malicious recommendcompared with Beth and J sang methods.Based on the analysis of the occurrence reason, hazards and classificationmethod of constraint conflict, addressed there is no effective consistentmethod for maintaining in access control model in existing studies. Based onthe constraint conflict graph, constraints conflict graph generation andconstraint consistency maintain algorithm are further given strictly. Throughconsistency maintain rules analysis and simulation example proved that thealgorithm is effective.The OM-AM framework and implementation methods is analysised. Aframework based on the TCBAC model and constraint consistency method foraccess control is structured and brief descripted use XCAML. The frameworkis used in the design of embedded web server and a simple prototype is realized. Correctness and security test results show that the framework can beapplied in open environment under given conditions for user’s dynamic andanonymous access request. It can create conditions for web’s securitycommunication.