Study on Attribute and Trust-Based RBAC Model in Cloud Computing

doi:10.3778/j.issn.1002-8331.1901-0361

Computer Engineering and Applications ›› 2020, Vol. 56 ›› Issue (9): 84-92.DOI: 10.3778/j.issn.1002-8331.1901-0361

Previous Articles Next Articles

Study on Attribute and Trust-Based RBAC Model in Cloud Computing

YU Bo, TAI Xianqing, MA Zhijie

1.Institute of Electronics, Chinese Academy of Sciences, Beijing 100190, China
2.Key Laboratory of Technology in Geo-spatial Information Processing and Application System, Chinese Academy of Sciences, Beijing 100190, China
3.School of Electronic, Electrical and Communication Engineering, University of Chinese Academy of Sciences, Beijing 101408, China
4.Institute of Electronics, Chinese Academy of Sciences, Suzhou, Jiangsu 215121, China
5.Jiangsu Research and Development Center for Internet of Things, Wuxi, Jiangsu 214135, China

Online:2020-05-01 Published:2020-04-29

云计算环境下基于属性和信任的RBAC模型研究

余波，台宪青，马治杰

1.中国科学院电子学研究所，北京 100190
2.中国科学院空间信息处理与应用系统技术重点实验室，北京 100190
3.中国科学院大学电子电气与通信工程学院，北京 101408
4.中国科学院电子学研究所苏州研究院，江苏苏州 215121
5.江苏物联网研究发展中心，江苏无锡 214135

Abstract

Abstract:

Role-Based Access Control（RBAC） is a typical access control model that associates users with permissions through roles, making access control more flexible and easier to manage. However, in cloud computing environment, RBAC will have some security issues, such as the abuse of users’ permissions, the coarse granularity of access control, etc. To solve the above problems, an Attribute and Trust based RBAC model is proposed, named as ATRBAC. ATRBAC adopts the idea of ??Ciphertext Policy Attribute-Based Encryption（CP-ABE） and the method of trust evaluation. In ATRBAC, on the one hand, a user is granted the attribute set, which includes the trust value attribute. On the other hand, a role is embedded in the access structure, which includes the trust threshold. Only when the user’s attribute set matches the role’s access structure, the user can obtain the role and the corresponding permissions. The experimental results indicate that ATRBAC can realize dynamic and automatic authorization of permissions and finer-grained access control, which enhances the security of data and resources in cloud computing.

Key words: cloud computing, Role-Based Access Control（RBAC）, Ciphertext Policy Attribute-Based Encryption（CP-ABE）, trust

摘要：

基于角色的访问控制（Role-Based Access Control，RBAC）是一种经典的访问控制模型，其将用户与权限通过角色关联起来，使得访问控制更加灵活并易于管理。然而，在云计算环境中，RBAC会出现用户权限滥用和访问控制粒度较粗等安全问题。为解决以上问题，提出一种基于属性（Attribute）和信任（Trust）的RBAC模型，即ATRBAC。ATRBAC采用基于密文策略属性基加密（CP-ABE）的思想和信任评估的方法，一方面，为用户授予一个包含信任值属性的属性集合，另一方面，为角色嵌入一种包含信任阈值的访问结构。只有当用户属性集合匹配角色访问结构时，用户才可以获得角色及对应的权限。实验结果表明，ATRBAC模型能够实现动态授权、权限自动化授予以及更细粒度的访问控制，增强了云环境下数据资源的安全性。

关键词: 云计算, 基于角色的访问控制, 密文策略属性基加密, 信任

YU Bo, TAI Xianqing, MA Zhijie. Study on Attribute and Trust-Based RBAC Model in Cloud Computing[J]. Computer Engineering and Applications, 2020, 56(9): 84-92.

余波，台宪青，马治杰. 云计算环境下基于属性和信任的RBAC模型研究[J]. 计算机工程与应用, 2020, 56(9): 84-92.

[1]	MEN Jiawei, LAI Chengzhe. Trust Management Scheme with Incentive Mechanism for Cooperative Download of Internet of Vehicles [J]. Computer Engineering and Applications, 2021, 57(5): 100-106.
[2]	WENG Xiaoyong. Research on Blockchain Based Cloud Computing Data Sharing System [J]. Computer Engineering and Applications, 2021, 57(3): 120-124.
[3]	TIAN Zhuojing, HUANG Zhenchun, ZHANG Yinong. Review of Task Scheduling Methods in Cloud Computing Environment [J]. Computer Engineering and Applications, 2021, 57(2): 1-11.
[4]	ZOU Jianwen, ZHAO Bo, LI Xiang, LIU Yifan, LI Jiayue. tPUF-Based Security Access Scheme for IoT Devices [J]. Computer Engineering and Applications, 2021, 57(2): 119-126.
[5]	GU Junhua, CHEN Bo, WANG Rui, ZHANG Suqi. Social Recommendation Combined with Important Nodes Trust Propagation [J]. Computer Engineering and Applications, 2021, 57(17): 190-195.
[6]	HU Heng, JIN Fenglin, LANG Siqi. Survey of Research on Computation Offloading Technology in Mobile Edge Computing Environment [J]. Computer Engineering and Applications, 2021, 57(14): 60-74.
[7]	TONG Le, HAO Rong, YU Jia. Secure Outsourcing Scheme for Bilinear Pairing Based on Single Untrusted Server [J]. Computer Engineering and Applications, 2020, 56(9): 131-135.
[8]	JIANG Jiao, CAI Linqin, WEI Pengcheng, LI Li. Aretrieval Scheme Supporting Verifiable Ciphertext Fuzzy Keyword [J]. Computer Engineering and Applications, 2020, 56(7): 74-80.
[9]	WANG Jie, CHEN Zhigang, LIU Jialing, CHENG Hongbing. Privacy Behavior Mining Technology for Cloud Computing Based on Clustering [J]. Computer Engineering and Applications, 2020, 56(5): 80-84.
[10]	ZHANG Jin, SUN Fuzhen, WANG Shaoqing, WANG Shuai, LU Xiangzhi. POI Recommendation Algorithm with Fusing Social Relation and Geographical Information [J]. Computer Engineering and Applications, 2020, 56(5): 173-178.
[11]	DENG Xiaohong, ZHU Nianhong, HUANG Lei, WANG Zhiqiang, WANG Junbin. Research on Identity Trusteeship Model Based on Blockchain [J]. Computer Engineering and Applications, 2020, 56(4): 24-30.
[12]	GU Mingxing, HUANG Weijian, HUANG Yuan, SHENG Long, SHEN Chao, ZHANG Mengtian. Collaborative Filtering Recommendation Combining Attribute Clustering and Improving User Similarity [J]. Computer Engineering and Applications, 2020, 56(22): 185-190.
[13]	HAO Yuchen, LIU Chen. Research on Evolution of Views of Network Community Based on Media Intervention and User Trust [J]. Computer Engineering and Applications, 2020, 56(16): 156-164.
[14]	YU Lianglong, DU Weizhang. Secret Sharing Scheme Based on Symmetric Bivariate Polynomial [J]. Computer Engineering and Applications, 2020, 56(13): 120-123.
[15]	SHI Hui, CAI Yueming, YANG Weiwei, XIANG Zhongwu, CHEN Dechuan. Secure Performance Analysis on Untrusted Relay Network with TSR over Nakagami-[m] Channel [J]. Computer Engineering and Applications, 2020, 56(12): 98-104.

Study on Attribute and Trust-Based RBAC Model in Cloud Computing

云计算环境下基于属性和信任的RBAC模型研究

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics