
Research On Distributed Access Control Model Based On OAuth

Posted on: 2019-09-02
Degree: Master
Type: Thesis
Country: China
Candidate: H X Huang
Full Text: PDF
GTID: 2428330593450603
Subject: Software engineering

Abstract/Summary:
This paper proposes an OAuth-based distributed access control model to study how access control should work in mobile Internet and distributed network environments where IoT is developing rapidly. Classical access control models consist of subject, object and permission, which represent the access and authorization relationship between subject and object. However, due to the complexity of attributes, access control participants in distributed networks can no longer be simply divided into subjects or objects. Starting from distributed and social network structures, scholars have worked hard in recent years to find a highly adaptable and expressive dynamic access control model. They have proposed some improved models, but these only improve and optimize existing models rather than innovating at the level of the model itself. Because of the particular structure of online social networks (OSN), research on access control for OSN was the first to introduce the concept of not distinguishing between subject and object, and it defined indirect access between nodes. However, researchers have not applied these concepts to environments outside of OSN. Access control models need innovation at the model structure level.

With the gradual development of distributed networks, network nodes are interrelated and there are complex transmission relationships between them. This distributed authorization scenario is similar to the one studied in OSN research. Drawing on previous research and combining it with the mature authorization technology OAuth, this paper constructs an authorized access control model for distributed network structures that uses an OAuth-based token mechanism as its carrier. It is dedicated to providing solutions for future access control in complex networks.

First, the model treats both the subject and the object as nodes, making it more adaptable to modern networks. Then, each node in the distributed network is connected through pending authorization lists to form a network-like topology. With this model structure in place, the model takes into account the characteristics of distributed access control and improves the three-party access token authorization process in OAuth. A novel authorization method, consisting of a multi-party token traversal process, authorization list rules, and basic information rules, acts together to make access control authorization decisions.

Finally, this paper applies the proposed model and classical models to various representative access control scenarios, and analyzes the improvement in the expressiveness, autonomy and dynamics of access control. The model design allows the strategy layer of the model to develop a personalized access control strategy for different nodes and to satisfy the requirements of classical access control models and new distributed access control models at the same time. In a practical scenario, nodes can freely manage permissions without relying on or affecting the entire system. Additionally, this topology makes the model fully consider the privacy of each node in the face of complex information dissemination.
Keywords/Search Tags:Distributed access control, Token, OAuth, Privacy protection, Information Security