基于云存储的权限管理系统的设计与实现
发布时间:2018-10-08 14:29
【摘要】:云计算技术的迅速发展使得在其基础上发展出来的云存储服务也逐渐应用于各行各业。云存储在互联网下实现了协同工作和信息共享,同时,用户和资源的数量也是巨大的且在动态变化。因此,构建一个能够适应云存储环境的访问控制策略是非常有必要的。以往的访问控制模型都是针对静态环境设计的,但在云存储环境下,网络环境相较而言规模更大并处于动态变化中,这些访问控制模型很难适应这样的环境。基于角色的访问控制模型在当系统用户的数目变得异常庞大的时候,用户角色的分配和管理会变得十分复杂而且繁琐,而基于属性的访问控制建立在分布式的环境下,可以很好地弥补这个不足。因此,本文将两种访问控制进行了有效的结合,即根据用户、资源以及环境的属性来自动为用户分配角色,从而避免了手工分配的复杂工作,并且根据这个模型设计并实现了一个权限管理系统。本文的主要工作如下: 首先,本文介绍了云存储技术和访问控制技术的相关知识,在对各种访问控制模型以及云存储特点进行分析的基础上,通过与传统的访问控制模型的比较,得出基于属性访问控制和基于角色访问控制的优势以及二者的不足之处。 其次,本文使用了一种将基于角色访问控制和基于属性访问控制相结合的模型,详细描述了该模型的结构以及模块的设计,并根据所要实现的系统需求,对所设计的模型进行了简化。 最后,根据系统的需求,在所设计的访问控制模型的基础上,设计了一种与之相适应的策略方案,并根据该策略方案,设计并最终实现了一个适用于云存储服务的权限管理系统。
[Abstract]:With the rapid development of cloud computing technology, cloud storage services based on cloud computing technology are gradually applied to various industries. Cloud storage realizes cooperative work and information sharing under the Internet. At the same time, the number of users and resources is huge and dynamic. Therefore, it is necessary to construct an access control strategy that can adapt to cloud storage environment. Previous access control models were designed for static environment, but in cloud storage environment, the network environment is larger and is in dynamic change, these access control models are difficult to adapt to such an environment. When the number of users in the system becomes very large, the assignment and management of user roles become very complicated and cumbersome, while the attribute-based access control is established in a distributed environment. This deficiency can be made up well. Therefore, this paper combines the two kinds of access control effectively, that is, according to the attribute of user, resource and environment to assign the role automatically to the user, thus avoiding the complicated work of manual assignment. According to this model, a privilege management system is designed and implemented. The main work of this paper is as follows: firstly, this paper introduces the related knowledge of cloud storage technology and access control technology, based on the analysis of various access control models and the characteristics of cloud storage. By comparing with the traditional access control model, the advantages and disadvantages of attribute based access control and role based access control are obtained. Secondly, this paper uses a model which combines role-based access control and attribute-based access control, describes the structure of the model and the design of the module in detail, and according to the system requirements, The designed model is simplified. Finally, according to the requirements of the system and on the basis of the designed access control model, a suitable policy scheme is designed, and according to the policy scheme, Finally, a privilege management system for cloud storage service is designed and implemented.
【学位授予单位】:华北电力大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TP393.07
本文编号:2257116
[Abstract]:With the rapid development of cloud computing technology, cloud storage services based on cloud computing technology are gradually applied to various industries. Cloud storage realizes cooperative work and information sharing under the Internet. At the same time, the number of users and resources is huge and dynamic. Therefore, it is necessary to construct an access control strategy that can adapt to cloud storage environment. Previous access control models were designed for static environment, but in cloud storage environment, the network environment is larger and is in dynamic change, these access control models are difficult to adapt to such an environment. When the number of users in the system becomes very large, the assignment and management of user roles become very complicated and cumbersome, while the attribute-based access control is established in a distributed environment. This deficiency can be made up well. Therefore, this paper combines the two kinds of access control effectively, that is, according to the attribute of user, resource and environment to assign the role automatically to the user, thus avoiding the complicated work of manual assignment. According to this model, a privilege management system is designed and implemented. The main work of this paper is as follows: firstly, this paper introduces the related knowledge of cloud storage technology and access control technology, based on the analysis of various access control models and the characteristics of cloud storage. By comparing with the traditional access control model, the advantages and disadvantages of attribute based access control and role based access control are obtained. Secondly, this paper uses a model which combines role-based access control and attribute-based access control, describes the structure of the model and the design of the module in detail, and according to the system requirements, The designed model is simplified. Finally, according to the requirements of the system and on the basis of the designed access control model, a suitable policy scheme is designed, and according to the policy scheme, Finally, a privilege management system for cloud storage service is designed and implemented.
【学位授予单位】:华北电力大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TP393.07
【参考文献】
相关期刊论文 前10条
1 王瑰琦;;浅谈云存储技术的应用[J];电子制作;2013年06期
2 沈昌祥;张焕国;冯登国;曹珍富;黄继武;;信息安全综述[J];中国科学(E辑:信息科学);2007年02期
3 丁仲,左春;用于RBAC权限管理的面向对象框架[J];计算机工程与应用;2005年17期
4 颜学雄;马恒太;王清贤;李鹏飞;;基于属性树的Web服务访问控制模型[J];计算机工程与应用;2008年06期
5 梁彬 ,孙玉芳 ,石文昌 ,孙波;一种改进的以基于角色的访问控制实施BLP模型及其变种的方法[J];计算机学报;2004年05期
6 郭玮,茅兵,谢立;强制访问控制MAC的设计及实现[J];计算机应用与软件;2004年03期
7 封富君;李俊山;;新型网络环境下的访问控制技术[J];软件学报;2007年04期
8 张海娟;付争方;罗琴;吴茜;;强制访问控制模型研究与实现[J];计算机工程与设计;2008年03期
9 徐迪威;;云计算关键技术探究[J];现代计算机(专业版);2010年07期
10 徐国兰;;云存储在数字图书馆应用中的安全与防范研究[J];现代情报;2012年04期
相关博士学位论文 前2条
1 石莎;移动互联网络安全认证及安全应用中若干关键技术研究[D];北京邮电大学;2012年
2 徐杨;空间数据访问控制关键技术研究[D];解放军信息工程大学;2012年
,本文编号:2257116
本文链接:https://www.wllwen.com/guanlilunwen/ydhl/2257116.html
