基于ABAC的信任感知网格访问控制体系结构

2010 IEEE Fifth International Conference on Networking, Architecture, and Storage Pub Date : 2010-07-15 DOI:10.1109/NAS.2010.18

Tiezhu Zhao, Shoubin Dong

{"title":"基于ABAC的信任感知网格访问控制体系结构","authors":"Tiezhu Zhao, Shoubin Dong","doi":"10.1109/NAS.2010.18","DOIUrl":null,"url":null,"abstract":"Grid system has many great security challenges such as access control. The attribute-based access control model (ABAC) has much merits that are more flexible, fine-grained and dynamically suitable to grid environment. As an important factor in grid security, trust is increasingly applied to management of security, especially in access control. This paper puts forward a novel trust model in multi-domain grid environment and trust factor was originally introduced into access control architecture of grid to extend classic ABAC model. By extending the authorization architecture of XACML, extended ABAC based access control architecture for grid was submitted. In our experiment, the increase and decrease of trust are non-symmetrical and the trust model is sensitive to the malicious attacks. It can effectively control the trust change of different nodes and the trust model can reduce effectively the damage of vicious attack.","PeriodicalId":284549,"journal":{"name":"2010 IEEE Fifth International Conference on Networking, Architecture, and Storage","volume":"11 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":"{\"title\":\"A Trust Aware Grid Access Control Architecture Based on ABAC\",\"authors\":\"Tiezhu Zhao, Shoubin Dong\",\"doi\":\"10.1109/NAS.2010.18\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Grid system has many great security challenges such as access control. The attribute-based access control model (ABAC) has much merits that are more flexible, fine-grained and dynamically suitable to grid environment. As an important factor in grid security, trust is increasingly applied to management of security, especially in access control. This paper puts forward a novel trust model in multi-domain grid environment and trust factor was originally introduced into access control architecture of grid to extend classic ABAC model. By extending the authorization architecture of XACML, extended ABAC based access control architecture for grid was submitted. In our experiment, the increase and decrease of trust are non-symmetrical and the trust model is sensitive to the malicious attacks. It can effectively control the trust change of different nodes and the trust model can reduce effectively the damage of vicious attack.\",\"PeriodicalId\":284549,\"journal\":{\"name\":\"2010 IEEE Fifth International Conference on Networking, Architecture, and Storage\",\"volume\":\"11 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-07-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"8\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2010 IEEE Fifth International Conference on Networking, Architecture, and Storage\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NAS.2010.18\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 IEEE Fifth International Conference on Networking, Architecture, and Storage","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NAS.2010.18","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 8

摘要

网格系统存在着访问控制等诸多安全难题。基于属性的访问控制模型(ABAC)具有灵活、细粒度、动态适应网格环境等优点。信任作为网格安全的一个重要因素，越来越多地应用于安全管理，特别是访问控制。本文提出了一种新的多域网格环境下的信任模型，并在网格访问控制体系结构中引入信任因子，对经典的ABAC模型进行了扩展。通过对XACML授权体系结构的扩展，提出了基于ABAC的网格访问控制扩展体系结构。在我们的实验中，信任的增减是非对称的，信任模型对恶意攻击很敏感。它可以有效地控制不同节点之间的信任变化，信任模型可以有效地减少恶意攻击的损害。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A Trust Aware Grid Access Control Architecture Based on ABAC

Grid system has many great security challenges such as access control. The attribute-based access control model (ABAC) has much merits that are more flexible, fine-grained and dynamically suitable to grid environment. As an important factor in grid security, trust is increasingly applied to management of security, especially in access control. This paper puts forward a novel trust model in multi-domain grid environment and trust factor was originally introduced into access control architecture of grid to extend classic ABAC model. By extending the authorization architecture of XACML, extended ABAC based access control architecture for grid was submitted. In our experiment, the increase and decrease of trust are non-symmetrical and the trust model is sensitive to the malicious attacks. It can effectively control the trust change of different nodes and the trust model can reduce effectively the damage of vicious attack.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2010 IEEE Fifth International Conference on Networking, Architecture, and Storage

自引率

0.00%

发文量