Research And Design Of RBAC Model In Cloud Environment

As a new service model,cloud computing uses the network as a bridge to integrate the computing resources and storage resources scattered around the world to form a shared pool,thus providing users with powerful services.This service model has greatly improved resource utilization,while reducing operating costs and improving operational efficiency,enabling users to more easily and efficiently access network services.However,with the development of cloud computing,its security issues cannot be ignored.The traditional access control model is applicable to traditional static networks and cannot resist dynamic attacks in the cloud environment.Therefore,this paper proposes a dynamic access control model based on trust and role for the dynamic environment of cloud computing.By introducing the concept of trust,the process of granting permissions to users by trust and role is realized,thus improving the security of access process.The detailed resear-ch contents are summarized as follows:(1)By reading a large number of documents,the characteristics of the cloud computing environment are summarized,and the existing access models are compared and studied,and the inadequacies of the existing access control models applied to the cloud environment are analyzed.(2)Introduce the trust relationship between nodes in the cloud computing environment,and give the calculation method of trust values between nodes.The Bayesian theorem is used to derive the formula of direct trust value.According to the historical node interaction record,the direct trust value between nodes can be calculated,and the malicious node penalty algorithm is proposed to make the change range of trust satisfy the trend of "Slow increase and Rapid reduction".The multi-path algorithm is used to calculate the indirect trust value between nodes,which is recommended by a third-party node that has interaction with both nodes,and determines the weight of different paths according to the trust value of the first-level path.Finally,the direct trust value and the indirect trust value are weighted to obtain a comprehensive trust value using a weighting factor,which is dynamically adaptive.(3)According to the dynamic and real-time characteristics of cloud computing environment,a dynamic access control model based on trust and role is proposed for cloud computing environment,and the formal definition and execution flow of the model is given,called T-RBAC(Trust-RBAC)model.The model adds trust computing and trust evaluation modules based on the traditional RBAC model,and introduces the concept of service level.The model dynamically grants access rights to resources according to the service level corresponding to the trust value.(4)Three sets of experiments were designed to compare and analyze the performance of the T-RBAC model.By comparing the changes of the trust values before and after the introduction of the malicious node penalty algorithm,it is proved that the algorithm makes the user trust value more realistic.By comparing the changes of trusted nodes,dynamic malicious nodes and completely malicious nodes in the interaction process,the rationality of the trust calculation method is proved.Finally,the reliability and security of the T-RBAC model are verified by comparing the experimental results of the T-RBAC model and the classical Claudiu'S model on the three factors of interaction success rate,network delay and average throughput.