Research And Application On Resource And Attribute Based Access Control Model

With the development of information technology,the network environment has changed from centralized storage to distributed storage gradually,and the interaction between the user and information sharing have become more frequent,we are at an age that the size of the information sharing is very large,which means there are more and more systems that maintain huge amounts of information at the same time of information explosion.Information sharing is bound to produce more problems of the network security hidden danger,so the guarantee for information security has become a serious problem which needs more attention.For example,prevent users from unauthorized access to information,and protect the privacy of users and the enterprise will not be tampered illegally.Access control technology is a kind of effective means to solve the problem of network security,so it can solve the above-mentioned problems.Studies shows that existing access control model can't be well used in the system that maintains huge amounts of information.Thus,this article is based on the above research,a resource and attribute based access control model named RA-BAC was proposed.After a thorough investigation and study,this paper has a certain research results so far,the contributions in this thesis are summarized as follow:Firstly,this thesis proposes a new model named resource and attribute based access control model.In this model,we define four properties formally and redefine the access control rules,and emphatically describes the elements of the permission which in the resource attribute sets.Next,this thesis gives the model framework and describes each module and the flow of information.Secondly,this thesis uses the theory analysis and experiment to compare this model with other models.In the RA-BAC model,the access control policy is stored in the access control list which links with resource and there are only permissions in the access control list,so there is no problem of policy conflict.And the policies are storage distributed,so there is no policy base ballooning.This model use the environment attributes to described the context factors,so it can be flexible applied.This thesis utilizes the experiment to illustrate the running process of the RA-BAC model,using actual data embodies the advantages of the model further.Thirdly,this thesis elaborates the application method of the RA-BAC model in an industrial enterprise under the background of industry 4.0 detailedly and introduces the specific application process of the RA-BAC model with an instance.This thesis made a detailed analysis of the industrial enterprise network environment,and introduces the method of the RA-BAC model's application in the practical environment based on the actual security requirements of the industrial enterprise.This thesis also introduce the application process of RA-BAC model using an intelligent light of the industrial enterprise as an instance.Fourthly,this thesis implements the application of the RA-BAC model as an experimental,which illustrate the operation process and the feasibility of the model further.In conclusion,this thesis raised a resource and attribute based access control model which focuses on the practical application research of access control model in the system with large numbers of the subjects and resources,and this thesis not only defines the formal semantics of the model,but also describes the specific application process and its implementation detailedly.Thus,it can be an inspiration and reference to further application research.