The Design Of Multi-domain And Multi-level Secure Access Control Model

With the rapid development of the information science technology, the network is becoming more and more powerful. Although the network provides great convenience for us, but it also brings us many security problems. Therefore, the security of the network must be taken into consideration. With the increase of the social communication, the collaborations between different departments in different fields are more and more frequent. The demands of information sharing and resource exchanging are increasing. In the distributed network environment, a good access control mechanism must be proposed to meet the demands of information sharing and resource exchanging and ensure the security of the system in multi-domain and multi-level network environment.To implement great access control in the multi-domain and multi-level network environment, this paper researched the access control technology in multi-domain and multi-level access control environment separately, analysed their advantages and disadvantages, proposed and designed the multi-domain and multi-level access control model according to the demands of the multi-domain and multi-level access control. The model includes two parts: the local domain access control and the inter domain access control. In the local domain, the system uses rigorous multi-level policy to ensure its security and to prevent the illegal information flow. In the inter domain access, make decision according to multiple attributes. According to the designed inter domain mapping algorithm, the system gets the initial mapping value based on the quantized value of the attributes and makes adjustment according to the environment attributes. And this paper innovatively proposed the modification to the initial mapping value by the subject’s credibility in the target domain to implement accurate and flexible mapping and get the ultimate mapping value. The system identifies the subject’s security level in target domain according to the ultimate mapping value to implement secure and flexible access control.As the integrated development environment, the Eclipse is used to simulate the local domain and inter domain access. The designed different access requests verify the correct and rational access results. And the effectiveness and security of the proposed multi-domain and multi-level access control model are verified.