[1] FERRAIOLO D F,KUHN D R. Future directions in role-based access control[C]//Proceedings of the 19961st ACM Workshop on Role-based Access Control. New York:ACM, 1996:Article No. 8-es. [2] SANDHU R,BHAMIDIPATI V,MUNAWER Q. The ARBAC97 model for role-based administration of roles[J]. ACM Transactions on Information and System Security,1999,2(1):105-135. [3] BERTINO E,BONATTI P A,FERRARI E. TRBAC:a temporal role-based access control model[J]. ACM Transactions on Information and Systems Security,2001,4(3):191-223. [4] JOSHI J B D. A generalized temporal role based access control model for developing secure systems[D]. West Lafayette:Purdue University,2003:94-122. [5] CRAMPTON J. Specifying and enforcing constraints in role-based access control[C]//Proceedings of the 2003 8th ACM Symposium on Access Control Models and Technologies. New York:ACM, 2003:43-50. [6] Wikipedia. Attribute-based access control[EB/OL].[2019-12-31]. https://en.wikipedia.org/wiki/Attribute-based_access_control. [7] SMARI W W, CLEMENTE P, LALANDE J F. An extended attribute based access control model with trust and privacy:application to a collaborative crisis management system[J]. Future Generation Computer Systems,2014,31(1):147-168. [8] DNSstuff. RBAC vs. ABAC:what's the difference?[EB/OL].[2020-01-19]. https://www.dnsstuff.com/rbac-vs-abac-accesscontrol. [9] KUHN D R,COYNE E J,WEIL T R. Adding attributes to rolebased access control[J]. Computer,2010,43(6):79-81. [10] ZHU Y,HUANG D,HU C J,et al. From RBAC to ABAC:constructing flexible data access control for cloud storage services[J]. IEEE Transactions on Services Computing,2015,8(4):601-616. [11] 熊厚仁, 陈性元, 费晓飞, 等. 基于属性和RBAC的混合扩展访问控制模型[J]. 计算机应用研究, 2016, 33(7):2162-2169. (XIONG H R,CHEN X Y,FEI X F,et al. Attribute and RBACbased hybrid access control model[J]. Application Research of Computers,2016,33(7):2162-2169.) [12] LO N W,YANG T C,GUO M H. An attribute-role based access control mechanism for multi-tenancy cloud environment[J]. Wireless Personal Communications,2015,84(3):2119-2134. [13] HUANG J, NICOL D M, BOBBA R, et al. A framework integrating attribute-based policies into role-based access control[C]//Proceedings of the 2012 17th ACM Symposium on Access Control Models and Technologies. New York:ACM, 2012:187-196. [14] 王于丁, 杨家海. 一种基于角色和属性的云计算数据访问控制模型[J]. 清华大学学报(自然科学版), 2017, 57(11):1150-1158.(WANG Y D,YANG J H. Data access control model based on data's role and attributes for cloud computing[J]. Journal of Tsinghua University(Science and Technology),2017,57(11):1150-1158.) [15] 汪玉江, 曹成堂, 游林. 基于区块链和属性基加密的个人隐私数据保护方案[J]. 密码学报, 2021, 8(1):14-27.(WANG Y J, CAO C T,YOU L. A novel personal privacy data protection scheme based on blockchain and attribute-based encryption[J]. Journal of Cryptologic Research,2021,8(1):14-27.) [16] 马佳乐, 郭银章. 云计算用户行为信任评估与访问控制策略研究[J]. 计算机应用研究, 2020, 37(S2):260-262.(MA J L,GUO Y Z. Research on cloud computing user behavior trust evaluation and access control strategy[J]. Application Research of Computers,2020,37(S2):260-262.) [17] American National Standards Institute. American National Standard for Information Technology-Next Generation Access Control-Functional Architecture(NGAC-FA):INCITS 499-2018[S]. New York:ANSI,2018-01-03. [18] 胡雨谷. 医疗隐私数据安全共享的机制研究[D]. 南宁:广西民族大学,2020:14-52.(HU Y G. Research on the mechanism of security sharing of medical privacy data[D]. Nanning:Guangxi University for Nationalities,2020:14-52.) |