The open and dynamic nature of the cloud computing environment readily gives rise to security problems, so the security of data resources and the privacy of users face severe challenges. To address the dynamic nature of users and data resources in cloud computing, a context and role based access control model was proposed. The model takes the context information and context constraints of the cloud computing environment into account and evaluates the user's access request and the authorization policy on the server, so that the user's permissions can be granted dynamically. The process by which cloud users access resources is given, and analysis and comparison further show that the model has more advantages in access control. The scheme not only reduces the complexity of management but also limits the privileges of cloud service providers, so it can effectively ensure the security of cloud resources.
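An added illustration, not code from the paper, of the kind of server-side decision the abstract describes: a role's permission is granted only while all of its context constraints hold. The role names, context attributes, constraints and sample users are assumptions, since the abstract does not specify them.

```python
from dataclasses import dataclass
from datetime import time

@dataclass(frozen=True)
class Context:
    now: time             # read from the server clock, never from the client
    network: str          # "corp", "vpn" or "internet"
    owner_approved: bool  # data owner has approved provider access

# Context constraints (assumed for illustration).
def business_hours(ctx): return time(8, 0) <= ctx.now <= time(18, 0)
def trusted_network(ctx): return ctx.network in {"corp", "vpn"}
def owner_approval(ctx): return ctx.owner_approved

# Constructed policy: role -> (action, resource) -> constraints that must all hold.
POLICY = {
    "tenant_user": {
        ("read", "doc"): [trusted_network],
        ("write", "doc"): [trusted_network, business_hours],
    },
    # The provider's own staff get no standing access to tenant data.
    "provider_admin": {
        ("read", "doc"): [owner_approval, business_hours],
    },
}
USER_ROLES = {"alice": {"tenant_user"}, "ops1": {"provider_admin"}}  # constructed

def decide(user, action, resource, ctx):
    """Evaluate a request on the server. Returns (allowed, reason); deny by default."""
    reasons = []
    for role in sorted(USER_ROLES.get(user, ())):
        constraints = POLICY.get(role, {}).get((action, resource))
        if constraints is None:
            reasons.append(f"{role}: no such permission")
            continue
        failed = [c.__name__ for c in constraints if not c(ctx)]
        if not failed:
            return True, f"{role}: all context constraints hold"
        reasons.append(f"{role}: failed {', '.join(failed)}")
    return False, "; ".join(reasons) or "no role assigned"

if __name__ == "__main__":
    night_vpn = Context(now=time(22, 0), network="vpn", owner_approved=False)
    print(decide("alice", "write", "doc", night_vpn))  # same role, denied by context
    print(decide("alice", "read", "doc", night_vpn))
```

The same user and role get different answers as the context changes, which is the dynamic granting the abstract refers to.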
HUANG Jingjing, FANG Qun. Context and role based access control for cloud computing [J]. Journal of Computer Applications, 2015, 35(2): 393-396.