| Access control is one of the main strategies in permissions assignment andresource protection for information systems. Static access control is difficult toachieve dynamic user authorization to access and can not effectively curb usermalicious behavior. Therefore, building a flexible, dynamic access control model ishelpful to compensate for the lack of static strategy to enhance the security ofinformation systems.This paper reviews the basic principles of access control and trust mechanisms,and analyzes the main access control model, trust management and trust models,focusing on the role-based access control model and the construction method of trustrelationships. On this basis, this paper designs the dynamic access control modelbased on trust and role, it also gives the formal definition of the model and associatedconstruction algorithm. This model increases service, where the trust relationshipestablished, making the original static authorization privileges into dynamic privileges.The paper further explores the model of access control authorization mechanism. Theauthorization process is divided into authorization verification, trusted computing andauthority to adjust. The paper focuses on the authorization verification strategy andcalculation process of trusted computing, and gives the realization processes andalgorithms.Verification experiment proves dynamic access control model based on trust androle realizes the purposes of dynamic authorization.which can effectively curbmalicious behavior.Finally, the model is designed to meet the security requirements ofthe system. |
PDF Full Text Request