| Cloud manufacturing(CMfg),as an emerging service-oriented manufacturing model,is a research hotspot in the manufacturing field in recent years.CMfg is an effective way to promote the manufacturing industry transformation in our country and enhance the core competitiveness of the industry as it can improve production efficiency and bring the corresponding economic benefits.One of bottlenecks that restricts development of cloud manufacturing industry is security issues,especially how to provide efficient access control mechanism for all kinds of resources and services in the cloud manufacturing,which is an urgent problem at present.Because cloud manufacturing is a dynamic and isomeric process,traditional access control does not fit CMfg.Therefore,based on the characteristics of CMfg,building CMfg environment access control model and architecture plays a significant role in protecting the CMfg services and resources and promoting global cloud manufacturing.This thesis mainly focuses on the following aspects:(1)Combined with the features of CMfg and by analyzing access control requirements for cloud manufacturing resources and services,this thesis proposed a model called reasoning based access control model for cloud manufacturing(CM-RBAC)which is characterized with cross-domain and dynamic authorization.Through the ontology modeling and attribute rule,this model reasons out access control strategy for dynamic authorization and introduced a listener to solve the problem of updating dynamic authorization.This model meets the three basic principles of access control and has strong adaptability and pertinence,which makes it suitable for the cross-domain and dynamic cloud manufacturing environment.In addition,with due consideration given to the structure of cloud manufacturing,a hierarchical and module-divided CMfg access control structure was established to implement the system-level access control.(2)A cloud manufacturing cross-domain service invocation authorization framework was proposed.CMfg access center authenticates authorization.CMfg monitoring center updates rules automatically and monitor authorization,featuring distributability,scalability,connectivity and robustness.XACML policy description language is used to increase the versatility and scalability of access control.CMfg access control security protection measures were analyzed In order to strengthen the CMfg security.Comparison with other models in terms of such typical indicators of complexity and scale proved that access control policy of this model has high efficiency and small footprint,with the model characterized by unity,process,extendibility,flexibility,automation.(3)Based on the access control model and its key technology,a cloud manufacturing resource and service access control system was designed and established.Experiments which were conducted to test the feasibility and safety of the system showed effective access control and a strong anti-attack capability. |
PDF Full Text Request