| With the rapid development of information technology and widespread use ofthe Internet, cloud computing has become one of the core technologies in thedevelopment of the future computer industry. Through integrating large-scalecomputing resources and forming a huge resource pool, cloud computing providesinformation processing and computing services according to the users’ requirementsand charges users by services. Due to the advantages of the cloud computing model,many governments and enterprises are vigorously popularizing cloud computing.Nevertheless, cloud computing security, which has become a current research hotpot,is the major factor that hinders the widespread use of the cloud computing.Through a deep analysis on current security situation of cloud computing and afurther research on the access control model of cloud computing, the author extendedthe RBAC model basing on traditional role-based access control model (RBAC), andput forward a kind of access control model of VLOSRBAC (Variable level ofsecurity-RBAC) with the characteristic of dynamic adjustment of subject and objectpermission. The subject in this model has credit value and security level attribute.The higher the credit value is, the higher the security level is. The object also has thesecurity level attribute, and its value is determined by system setting. When thesubject accesses the object, the system will make a subject credit value assessmentand determine subject security level. If the subject has permission to access theobject and its safety level value is more than or equal to the level value of theaccessed object, then the system allows the subject to access the object, otherwisethe subject is not allowed to access the object. In addition, the system can record theoperation of the subject. If the subject makes an illegal operation in the process ofaccessing the system, the system can reduce the credit value of the subjectindependently, accordingly the subject security level will be reduced and the subjectaccess will be restricted to ensure the system security.In VLOSRBAC, the security level settings of the subject and the object limit theuserr research s access to the important resources in an open system; in case noparticipation of the third party authority, the model can modify the credit valueindependently according to the subject access records, and then change the subjectsecurity level and reached the constraints of the subject access, ultimately, to realize the flexibility of access control. According to this model, the author tested andverified the access control module of the online examination system based on cloudcomputing. The verification results show that VLOSRBAC can modify the subjectcredit value according to the subject access records, and then it can adjust thesecurity level of the subject independently. The system determines whether to allowthe subject to access the object through the security level comparison between thesubject and the object. |
PDF Full Text Request