摘要
提出了一种基于贝叶斯公式的信息反馈模型BIF.当系统拒绝用户对资源的访问时,BIF通过计算在当前的条件下改变某些访问条件的可能性,把用户的访问条件的替代方案限制到一个小而有用的集合,系统将具有最大可能性的选项反馈给用户.用户根据系统的反馈改变访问条件从而成功访问资源.BIF引入附加策略来保护敏感策略,在此过程中不会泄漏任何危及到系统安全和机密性的信息.实验证明,BIF模型在保护了系统敏感信息的同时,也提高了系统的可用性及访问成功的几率.
A Bayesian-based information feedback mechanism (BIF) is proposed, after access control was analyzed and Bayesian measurement was introduced into trust negotiation. When a user's accessing to a resource was refused by the system, BIF could limit the alternative of user's accessing to a small and useful set to feedback a list of more possible alternatives to the user. Thus, the user could change the conditions and access to the resource successfully. An additional policy for protecting sensitive policy was added to BIF to protect any information about the system security and the secrets during the negotiation. Experimental results indicate that this mechanism not only protects the sensitive information on the system, but also enhances the system usability and the probability of the successful access.
出处
《华中科技大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2007年第4期14-17,共4页
Journal of Huazhong University of Science and Technology(Natural Science Edition)
基金
国家重大基础研究发展计划资助项目(2004CB318203)
关键词
信任协商
贝叶斯公式
访问控制策略
信息反馈
trust negotiation
Bayesian
access control policy
information feedback
