| With the rapid development of big data technology and the continuous growth of data scale, effectively sharing knowledge among different industries or organizations requires further analyzing and mining the intrinsic value of data resources through joint processing and computation while ensuring knowledge circulation. However, because of the large data scale, strong openness and ever-changing number of users, knowledge sharing often faces serious information security and privacy protection problems. Moreover, traditional access control technology, when guarding access to data resources, still relies on trusted third parties and suffers from low authentication efficiency and poor security. In this thesis, the efficiency of cross-domain identity authentication and the security of resource authorization are improved with the help of blockchain technology in the knowledge sharing scenario. At the same time, a new access control method is proposed based on historical behavior factors. The main work of this thesis is as follows: (1) A cross-domain identity authentication protocol for knowledge sharing scenarios is proposed and designed. Cross-domain authentication in the knowledge sharing scenario is prone to single points of failure and low identity authentication efficiency. Based on blockchain technology, we design a layered cross-domain authentication architecture, and use a more lightweight blockchain certificate together with an SM9-based signature verification algorithm to design a cross-domain authentication protocol. Experimental results show that the protocol improves the efficiency of cross-domain authentication while preserving security. (2) An attribute access control method combining historical behavior is proposed. Owing to the nature of the knowledge sharing scenario, users who conform to traditional access control policies are still at risk of performing illegal behavior. Because the role-based access control method cannot assign unified roles to users when users are numerous and the scenario is dynamic, the more flexible attribute-based access control method is chosen. On this basis, in combination with the Bayesian trust model, the risk of the current behavior is assessed from the historical behavior, and the final decision is obtained by integrating the access control policy with the behavior risk assessment result. Experimental results show that the access control method proposed in this thesis improves the security of resource access control without affecting user experience. (3) A data collaborative analysis system based on cross-domain access control is designed and implemented. Building on the cross-domain identity authentication protocol and the attribute access control method combined with historical behavior described above, a data collaborative analysis system is built, which mainly includes three modules: user management, shared knowledge management and task management. Finally, the visual display of the system is realized. |
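
The decision flow of contribution (2), an attribute policy check combined with a risk score derived from historical behavior, is sketched below as an added example; it is not code from the thesis. The abstract gives no formulas, so the Beta-posterior trust estimate (one common Bayesian trust model), the risk formula, the threshold and all attribute names are assumptions.

```python
from dataclasses import dataclass

RISK_THRESHOLD = 0.3  # assumed cut-off; the abstract does not state one

@dataclass
class History:
    good: int = 0  # past accesses judged legitimate
    bad: int = 0   # past accesses judged abusive

    def record(self, legitimate: bool) -> None:
        # Feed the outcome of an audited access back into the history.
        if legitimate:
            self.good += 1
        else:
            self.bad += 1

    def trust(self) -> float:
        # Posterior mean of Beta(good+1, bad+1): with a uniform prior,
        # a user with no history starts at 0.5.
        return (self.good + 1) / (self.good + self.bad + 2)

def policy_permits(policy, subject, resource, action) -> bool:
    # Plain ABAC: every attribute required by the policy must match.
    return (action in policy["actions"]
            and all(subject.get(k) == v for k, v in policy["subject"].items())
            and all(resource.get(k) == v for k, v in policy["resource"].items()))

def decide(policies, subject, resource, action, history) -> str:
    # Step 1: the static attribute policy must allow the request.
    if not any(policy_permits(p, subject, resource, action) for p in policies):
        return "deny:policy"
    # Step 2: distrust weighted by resource sensitivity (0..1) gives the risk.
    risk = (1.0 - history.trust()) * resource.get("sensitivity", 1.0)
    return "deny:risk" if risk > RISK_THRESHOLD else "permit"

# Constructed sample data (hypothetical attribute names and values).
POLICIES = [{"actions": {"read"},
             "subject": {"domain": "org-a", "clearance": "research"},
             "resource": {"kind": "dataset"}}]
ANALYST = {"domain": "org-a", "clearance": "research"}
OUTSIDER = {"domain": "org-b", "clearance": "research"}
DATASET = {"kind": "dataset", "sensitivity": 0.8}
PUBLIC_SET = {"kind": "dataset", "sensitivity": 0.4}
```

A subject that satisfies the policy can still be refused when the history is poor or absent for a sensitive resource, which is the case the abstract argues plain attribute policies miss.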