| Virtual enterprise (VE) is treated as one of the most promising business strategies for enterprise in the21st century, it consists of many independent, geographically dispersed enterprises or organizations that collaborating with each other and sharing resources to compose of dynamic alliance, in response to the market demand with minimal investment and the fastest response speed, and then achieve to maximize the interests of business. Under the era background of economic globalization and development of information technology rapidly, virtual enterprise is one of the efficient methods to cultivate core competiveness and implement sustainable development for Chinese high-tech enterprise. However, due to the features of distribution, dynamic and heterogeneity, which cause many unprecedented problems of information security, so that secure access and sharing of information and resources are important guarantee of completing the commercial target successfully in virtual enterprise. Although many access control models such as RBAC and T-RBAC have been proposed in recent years, the facts proved that traditional access control models is no longer suitable for virtual enterprise which the new type of business model. Consequently, to study the access control models in virtual enterprise environment not only has important theoretical significance, but also extensive application value.In this thesis, research on access control is focused on the following aspects:On the one hand, in the base of analyzing the requirements of virtual enterprise access control and the basic characteristics of existing access control models, then presents a project-team and task-role based dynamic efficient access control model. On the other hand, to puts forward a trust evaluation algorithm which draws on the ideas of fuzzy mathematics and Probability Theory, to realize dynamic authorization among collaborative users in VE. The main tasks have been accomplished in this thesis is as follows:(1) The basic knowledge of access control and trust theory are discussed. First, the the concept of access control, the principle and the existing access control models are introduced. Then the trust and existing trust models are introduced in detail, including the definition of trust, the characteristics of trust property, the difference between trust and reputation and the existing trust models in distributed environment, Summarizes the main problems of current research, and then explain the meaning of the trust in the access control model application.(2) According to the analysis of the requirements of virtual enterprise access control and the basic characteristics of existing access control models, this thesis presents a project-team and task-role based dynamic efficient access control model. This model is established which based on layering virtual enterprise organization structure, and combines the merits of TBAC and RBAC, realized dynamic and fine-grained access control. Meanwhile, the access control model introduces automatic role assignment policy and automatic authorization policy, improves the ability of automation and efficiency of Rights management in the system. By comparing with the performance of existing several kinds of access control models, it proves that this model meet the basic demand of virtual enterprise access control completely.(3) According to introducing the concept of trust and trust management into the task-role based access control model, which to solve the problems of resources sharing and dynamic authorization among collaboration users in virtual enterprise environment, the thesis puts forward a trust evaluation algorithm based on fuzzy mathematics and probability theory. Not only the problem of selecting trust partner according to the fuzzy comprehensive evaluation model, so that obtain best users-virtual roles list; but also implements dynamic authorization and cross-domain resource access for collaborative users which relys on the trust evaluation between virtual roles in workflows. |
PDF Full Text Request