基于用户行为分析的私有云数据安全动态访问控制模型研究

发布时间：2018-04-25 09:34

本文选题：数据安全 + 用户行为分析　；参考：《湖北民族学院》2017年硕士论文

【摘要】：保障数据安全是企业信息安全工作的首要目标,访问控制是实现这一目标的重要措施。为了业务的连续性,企业把信息系统集成整合到私有云后,仍然沿用了基于角色为用户静态授权的访问控制模型,这种机制不能应对合法用户账号的滥用或账号凭证失窃带来的威胁。本文在企业私有云环境下,使用机器学习的方法分析用户行为,尝试找到异常的用户行为,计算用户行为风险,调整用户信任等级,从而调整用户对应的角色,使之按照不同的权限操作企业的数据和应用子集。通过分析基于角色的访问控制模型在企业私有云环境下存在的不足,提出基于用户行为分析实现动态访问控制的必要性。分析了国内外使用机器学习方法分析用户行为的发展现状、主要方法和应用情况;完成了企业私有云信息系统集成整合环境下用户行为的定义和形式化表示,提出了基于Hadoop和机器学习的用户行为分析框架。实现了用户行为数据的采集、存储、数据预处理和使用机器学习自动分析用户行为的神经网络模型,给出了使用Tensor Flow训练神经网络和参数调优的典型环境和过程。改进了用户行为风险值的计算方法,给出了用户信任等级动态调整的方法和流程。基于以上研究,提出了一个基于用户行为分析的企业私有云动态访问控制模型,描述了各个模块的功能和之间的关系,给出了实现的途径。本文提出的基于用户行为分析的动态访问控制模型能帮助企业在私有云环境下及时发现未知的安全风险,及时的做出响应,并通过动态调整用户信任等级实现动态访问控制,从而保障企业的数据安全。
[Abstract]:To ensure data security is the primary goal of enterprise information security work, access control is an important measure to achieve this goal. For business continuity, enterprises integrate information system integration into private cloud, and still use access control model based on role based user static authorization. This mechanism can not cope with legitimate user accounts. In the private cloud environment, this paper uses machine learning methods to analyze user behavior, tries to find abnormal user behavior, calculates user behavior risk, adjusts user's trust level, and adjusts the user's corresponding role to operate the data and application of the enterprise according to different privileges. By analyzing the shortage of role based access control model in enterprise private cloud environment, the necessity of realizing dynamic access control based on user behavior analysis is proposed. The development status, main methods and application situation of user behavior analysis using machine learning methods at home and abroad are analyzed, and the private cloud information system of enterprise is completed. The user behavior analysis framework based on Hadoop and machine learning is proposed in the integration and integration environment. The user behavior analysis framework based on Hadoop and machine learning is proposed. The neural network model of user behavior data acquisition, storage, data preprocessing and automatic analysis of user behavior by machine learning is implemented, and Tensor Flow is used to train the neural network. And the typical environment and process of parameter tuning. The calculation method of user's behavior risk value is improved and the method and process of dynamic adjustment of user trust level are given. Based on the above research, a dynamic access control model of enterprise private cloud based on user behavior analysis is proposed, and the function and relationship between each module are described, and the relationship between the functions and the relationship of each module is described. The dynamic access control model based on user behavior analysis can help enterprises discover the unknown security risk in the private cloud environment, respond in time, and dynamically adjust the user's trust level to realize the dynamic access control, and ensure the data security of the enterprise.

【学位授予单位】：湖北民族学院
【学位级别】：硕士
【学位授予年份】：2017
【分类号】：TP309

【参考文献】