| With the rapid development and wide application of information technology,the progress of human civilization has been greatly promoted.While people enjoythe great convenience generated by information resources, however, informationsecurity itself is faced with a severe test. During the process of storage andtransmission, information would inevitably be illegally used, distorted, disclosed ordestructed,leading to serious information security problems.In order to meet theinformation security requirements of people, a variety of information securitytechnologies have been developed. Access control and security auditing are two ofthese technologies on information security issues. Despite the development ofInternettechnology, the vulnerability of information systems as well as the defectionof information security isincreasingly appearingin its application. Thus,it has beendifficult for us to solve increasingly various kinds of information security problemsby using single security method. Only by combining a variety of safer and morepractical security technologies together, can we possibly tackle these problems.In the traditional model of information security system, access controlmechanisms and security audit functions are two independent modules to achievefunction. These two modules are closely linked, though they work transparently.Therefore, it is impossible to realize the internal user rights audits in the accesscontrol.The features of practical application backup, power decentralization,collaborative work, in the access control models, are the hot and difficult spots inapplication research of access control models. However, due to the relatively littlecontact with security audit function, there is no concern on the safety audit and fewdynamic management of delegated permissions are required. Consequently, inaccordance to the factors analyzed above, this paper focuses on the study ofproblems in the following aspects:1.Deeply studying of the theory and security mechanisms of the variouscomponents in information security model, analyzing the main characteristics ofaccess control model, summarizing the advantages and disadvantages of differentmethods of access control,which is combined with the security audit concepts andcharacteristics, and summarizing the relationship between role-based access controland security audit. 2.According to the analysis of access control and security audit, from theconcepts and features of delegation permission, main research is carried out on thebreadth and depth of delegationanalysis, as well as authorization. Power delegationssolutions within the field of traditional access control are cited in comparison withdifferent role-based delegation models. Reference model is proposed for the lack ofsafety audit and for carrying out audit plans.3. Security auditing features are added into the delegate model, whichproposed a security audit function with role-based access control model based ontrust. Formal definition of the model is explained, and the model of the securityaudit function is described in detail.4. According to the application of case system in combination with modelpractice, authorization solutions in different scenarios are achieved by applyingaudit functions. |
PDF Full Text Request