| With the development of Internet, network security problems become a priority among many of information security problems, more and more systems attacked and destroyed by the outlaws. network security linkage system has made certain contribution in protecting the safety of the system, but in the face of the crisis serious caused by network security loophole, to ensure the effective identity and effective equipment for those who access to the system become one of the key problems of current linkage system security research.Various kinds of network security equipment linkage system have their respective characteristics of access control, in this paper,we combined with its different characteristics, proposed an idea of access control based on policy in order to solve the problems of the access control policy form inconsistent and policy conflict caused by the collaborative work of different safety equipment. At first,this model collect different access control policies made by safety equipment and people, rulemaking the formal rules and using the XML language to store it; then using an improved access control policy conflict detection algorithm to normalize the policies and then detecting conflicts among these policies; finally, using the policy conflict resolution algorithm combine with increasing the digestion mechanism and setting priorities to solve the conflicts according to certain rules. We apply this model to network security equipment linkage system,using firewall log and user log as the data sources, in accordance with the processing flow in the model,not only realized the management of access control policy and verified the validity of the model, further improve the safety performance of the system,but the theoretical analysis and experimental results also show that the improvement algorithm introduced in this method has certain superiority in time complexity and space complexity. |
PDF Full Text Request