Trusted Intranet Access Control Method Based On User Roles And Terminal Attributes

Posted on: 2021-10-30
Degree: Master
Type: Thesis
Country: China
Candidate: J Y Li
Full Text: PDF
GTID: 2568306290494684
Subject: Cyberspace security
Abstract/Summary:
As global informatization accelerates, the harm caused by intranet security incidents is deepening and their scope of influence is widening. More and more enterprises and institutions are demanding intranet security construction and setting higher requirements for intranet security standards. Existing trusted intranet security mechanisms rely on traditional access control mechanisms and specific network border defense mechanisms. The role-based access control mechanism is limited by static policies and a coarse-grained design, which makes it impossible for the trusted intranet to guarantee the security and reliability of the intranet resource access process. At the same time, it is difficult to provide efficient and dynamic access control services for intranet resources.

To address the increasingly serious risk of sensitive resource leakage in the trusted intranet, which the current intranet security mechanism cannot counter with efficient access control services, an improved trusted intranet access control method is proposed. This article combines the characteristics of the existing trusted network access mechanism and attribute-based access control strategies, and uses the attributes of user terminals as key elements. The access control model for the trusted intranet is studied in terms of its policy, its implementation method, and the analysis of its validity. Finally, a trusted intranet access control prototype system based on user terminal attributes and roles is designed and implemented. The specific work of this paper is as follows:

1. To address the coarse granularity and low flexibility of the role-based access control model in the trusted intranet, a trusted intranet access control model based on user roles and terminal attributes is proposed, combining the advantages of role-based access control and attribute-based access control. By analyzing the security requirements of the trusted intranet scenario, the access control model is modeled and its policy designed. This model not only refines the granularity of intranet resource permission allocation, but also ensures that the resource access control process is tied in real time to the security status of the intranet environment, and implements a dynamic strategy that adjusts resource access permissions according to that security status.

2. Following the improved trusted intranet access control method, this paper designs an actual trusted intranet scenario and deploys the access control model in the trusted intranet environment. It combines a security analysis of the access control model with an analysis of the policy's effect in the actual access scenario to jointly verify the effectiveness of the trusted intranet access control method. For the improved intranet access control model, the architecture deployment and the access communication process are designed for the trusted network scenario, the function modules and access control processes of each network entity are clarified, and the implementation method of the access control model is provided.

3. Based on the design of the trusted intranet access scenario, an intranet prototype system deploying the trusted intranet access control method based on user roles and terminal attributes was designed and implemented in the experiment. Experimental performance tests were used to verify that the access control method in this paper implements its access policy effectively, which proves the feasibility of deploying and implementing this access control method in a trusted intranet environment.
Keywords/Search Tags:Intranet Security, Trusted Computing, Access Control