Design And Implementation Of Access Control Security Policy Management System Based On Multi-Attribute

In recent years,with the rapid development of information technology,people's demand for various types of services on the network,such as text,audio,image,video and so on,is also increasing.The Internet has become an indispensable part of people's daily life.However,due to some loopholes and improper supervision of the network itself,information security problems occur frequently in the Internet,and some confidential and sensitive information in network transmission is often leaked and illegally stolen.In addition,with the continuous enriclhment of user and service types and the intercommunication between different business systems,the dimensional attribute information attached to users is also increasing,which makes it difficult for traditional service access control systems to control users in multi-level and fine-grained ways.However,attribute-based access control is basically still at the stage of theoretical r-esearch,and large-scale applications are just beginning,so there is a lack of efficient and feasible corresponding system design.Aiming at the problems of low query efficiency of policies,long matching time and low judging accuracy in attribute-based access control systems,it is necessary to design more efficient and elaborate access control policies which are based on multi-attribute information to control users and services,improve access control model,introduce policy conflict handling mechanism,optimize the process of policy matching,build a feasible and robust system implementation and solve the high concurrency problem after the amount of users reaches a certain scale.In view of the above problems,this paper proposes and designs an access control security policy management system based on multi-attribute.The main work includes:(1)detailed investigation and comparative analysis of the common access control models,design of user's multi-attribute portrait and generation,classification,verification,mapping and other methods of resource request tag;(2)proposes a detailed solution of security policy management system based on multi-attribute,describes the operation process of the system,and divides the responsibilities of each functional module;(3)Following the design idea and principle,an access control security policy management system based on multi-attribute is implemented,which integrates policy matching function and management platform,and the performance of the core functional modules is optimized to ensure that the system maintains stable performance in high concurrency usage scenarios;(4)Considering the practical application,a system test environment is built for the access control security policy management system based on multi-attribute and the function verification and performance test are carried out.The results show that the system can meet the managing and controlling needs for users with different attribute characteristics and can formulate different access control policies to achieve efficient and flexible policy matching.