| With the development of network, especially the arrival of cloud computing, distributed systemsecurity problem is an increasingly important issue. Role-Based Access Control is an effectivemeasure to ensure system’s security. However, the current Role-Based Access Control still can notfully meet the safety requirements of distributed systems. Therefore, the thesis does research andimprovement on Role-Based Access Control model. The main contributions of the thesis are asfollows:Firstly,in order to solve uesr’s trust problem, the thesis proposes a trust and preventedunauthorized operation based RBAC model. The model downgrades the roles of a user according tothe user’s trust and the average severity of user historical unauthorized operation. It improves theefficiency of the system. The thesis also proposes a role tree adjustment algorithm, which adjusts roleof unauthorized users, and verifies it through an experiment.Secondly, in order to solve mutually exclusive roles domain conversion problem,the thesisproposes a Chinese Wall and DTE based RBAC model. The model divides roles through publicinformation and conflict set of Chinese Wall, which means mutually exclusive relationship of roles. Inorder to reflect the role transformation process in different security domains, the mode uses DTEmodel to do it. The model can control role permissions and improve the security of distributedsystems.Finally, the thesis introduces user classification and tenants to traditional RBAC model, andproposes a user classification based RBAC model. The model solves the problem of adding roles andpermissions difficult in cloud system due to excessive number of users. The model can representchanges of the roles and permissions. It reduces the numbers of comparison of mutually exclusiveroles, which can improve the efficiency of role changing and permission changing. |
PDF Full Text Request