云计算环境中的访问控制策略合成研究

发布时间：2018-07-05 03:32

本文选题：云计算安全 + 访问控制　；参考：《西安电子科技大学》2014年硕士论文

【摘要】：随着云计算的快速发展，信息技术应用逐渐由传统的集中式形态发展到分布式形态，对于协同工作和信息共享的要求越来越高。云计算中多个安全域的资源聚合以及跨域的协同工作需要建立统一的访问控制策略。本文首先深入研究了云计算面临的安全问题，给出了云计算安全技术框架和云计算服务体系。本文介绍了经典访问控制模型以及访问控制策略合成的形式化定义和评估标准。随后详细介绍了基于属性的访问控制模型，，给出了改进的云计算环境下基于属性的访问控制形式化定义，以及相应的策略合成代数方案。在该方案中，对策略合成的属性元组进行扩充并对具体策略进行描述，并且使用用一种有效代数算子来完成元计算环境下的策略合成。最后给出了云计算环境中进行策略合成的具体步骤，并使用图书馆数据库系统的具体案例来展示了策略合成的具体步骤。
[Abstract]:With the rapid development of cloud computing, the application of information technology has gradually developed from the traditional centralized form to the distributed form, and the requirements for collaborative work and information sharing are becoming higher and higher. It is necessary to establish a unified access control strategy for resource aggregation and cross-domain collaborative work in cloud computing. In this paper, the security problems of cloud computing are studied, and the security framework and service architecture of cloud computing are presented. This paper introduces the classical access control model and the formal definition and evaluation criteria of access control policy composition. Then the Attribute-based access Control Model is introduced in detail. The formal definition of Attribute-Based access Control in improved cloud computing environment and the corresponding policy composition algebraic scheme are given. In this scheme, the attribute tuples of policy composition are extended and the specific policies are described, and an effective algebraic operator is used to complete the policy composition in meta-computing environment. Finally, the specific steps of policy composition in cloud computing environment are given, and the concrete steps of policy composition are demonstrated by using a specific case of library database system.
【学位授予单位】：西安电子科技大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TP393.08

【参考文献】