| Many key management methods based on cryptography have been proposed for the role-based access control(RBAC)model.The flow of people in the information system and the changes in the business cause changes in the role.The static RBAC model is difficult to respond quickly and efficiently to these changes.This dissertation studies the key management method of the dynamic RBAC model.Users of the information system can be divided into disjoint sets of users.Each set is represented as a role.A hierarchy is formed according to the partial order relation-ship between the characters,which can be roughly divided into a linear structure,a tree structure,and a directed acyclic graph structure.The linear structure and the tree struc-ture comply with the RBAC model of finite inheritance,that is,each role has at most one direct dominant role.This article focuses on linear and tree-shaped hierarchies,and does not discuss the structure of directed acyclic graphs.Based on the analysis and research of key management methods based on role identification allocation,using discrete logarithms,a Parameters Table-based key management scheme for Hierarchies(PTH)was introduced and security was proved.This method can be effectively ap-plied to the linear structure and the tree structure of the changeable RBAC.Through comparative experiments,it is found that the change response time of the PTH method is basically stable with the increase in the number of roles,and the change responses of other key management methods are positively correlated with the size of the role,which verifies the theoretical analysis results.Although the time consumption of PTH in the construction process has increased significantly,but because the construction is one-time,with the use of information systems,this disadvantage can be ignored after a lot of changes in the role.Experiments show that PTH can effectively improve the response efficiency of changeable RBAC. |
PDF Full Text Request