The Research Of Access Control Mechanism Based On Attribute And Trust Evaluation

With the development and wide application of computer network technology, information acquisition and processing is more and more convenient, information sharing degree is higher and higher. As a result, it greatly promotes the social progress, but also provides an opportunity for the criminals using illegal resources, which leading to more and more attention to the security problem of information system. Access control technology is the fusion of computer science and safety engineering and one of the infrastructure of information system security, whose main task is to keep the information system resources from unauthorized access and use.Traditional access control technologies show high efficiency in information systems with simple structure and light management structure, but are no longer suitable for large information systems with characters such as multiple users, dynamic, distribution and heterogeneity. Under this circumstance, attribute-based access control was proposed by experts and scholars. At the same time, because the open system has the problem of insufficient safety information integrity, system has to make security decisions based on the auxiliary information provided by trusted third party. With the promotion of this context, researchers introduced the social trust in the access control, forming trust based access control. Based on these two kinds of access control technology, two research schemes are given under different application environments. The main content of this paper includes the following aspects:Firstly, on analyzing the deficiencies and defects of the existing access control model, a workflow access control model based on task and attributes was proposed. In order to achieve better dynamic effect, an attribute variable algorithm was proposed, and the specific implementation procedure is given either. The attribute variable algorithm improved the dynamic adaptability of traditional task-attribute access control model under workflow environment.Secondly, in view of the complexity of the fuzzy reasoning and the dependence of expert configuration rules in traditional hierarchical fuzzy system implementation process, an method which can realize dynamic configuration of reasoning rules was introduced into the fuzzy reasoning process. A dynamic hierarchical fuzzy system was built with the method, which greatly reducing the workload of configuration of fuzzy reasoning rule base and the complexity of the fuzzy reasoning. Moreover, the application of the layered trust attributes structure and dynamic fuzzy hierarchy system provides a new thought and method for trust evaluation.Finally, on the analysis of the characteristics of cloud manufacturing system as well as the advantages and disadvantages of existing access control model based on trust, a multi-attribute fuzzy trust access control scheme for cloud manufacturing system was proposed and the specific procedure was also given, combining dynamic hierarchical fuzzy system and trust evaluation. Attributes related to the trust in cloud manufacturing system were layered in the scheme, and the third party expert group trust evaluation was introduced. As a result, the scheme merges subject and object trust into the process of trust evaluation. In order to adapt to the special application background of the multiple fuzzy input attributes, hierarchical fuzzy system was introduced, avoiding the dimension disaster problem of single fuzzy system effectively and the traditional hierarchical fuzzy system’s rule configuration dependency on experts. However, it reduces the amount of calculation and complexity of the system greatly. Experiments show that this scheme can realize dynamic, fine-grained, efficient access control for the cloud manufacturing system.