期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于RBAC的隐私访问控制研究 被引量:8

Research on Privacy Access Control Based on RBAC
下载PDF
导出
摘要 基于角色的访问控制(Role-Based Access Control,RBAC)在Web服务隐私保护中可用于控制服务提供者对用户隐私数据的访问。针对RBAC运用于隐私场景中缺少相应的隐私属性而无法精确地描述隐私访问控制策略这一问题,提出了一种以RBAC为中心的隐私访问控制模型,给出了服务提供者信誉度分级方法。对不同信誉度等级的服务提供者分配不同的角色,以控制其对敏感隐私信息的访问。最后通过实例验证了该模型的有效性和可行性。 RBAC can be used to control the service provider to access the privacy of users in Web service.In order to solve the problem that RBAC cannot precisely describe the privacy access control policy for the lack of privacy attributes when it is applied in the privacy scene,this paper put forward a privacy access control model focused on RBAC,and provided the ranking method of the credibility of the service provider.Service providers with different credibility ranks were assigned with different roles to control their access to the sensitive privacy information.This paper also verified the validity and feasibility of the model through a specific example.
作者 张学明 黄志球 孙艺
机构地区 南京航空航天大学计算机科学与技术学院
出处 《计算机科学》 CSCD 北大核心 2016年第1期166-171,185,共7页 Computer Science
基金 国家自然科学基金(61272083)资助
关键词 角色访问控制 隐私授权 信誉度 敏感度 Role-based access control Privacy authorization Credibility Sensitivity
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献20

  • 1Cranor L F. Platform for privacy preferences (p3p)[M]//Ency- clopedia of Cryptography and Security. Springer US, 2011..940- 941. 被引量:1
  • 2Ashley P, Hada S, Karjoth G, et al. Enterprise privacy authori- zation language (EPAL 1,2)[Z]. Submission to W3C, 2003. 被引量:1
  • 3Ni Q, Bertino E, Lobo J, et al. Privacy-aware role-based access control[J]. ACM Transactions on Information and System Secu- rity (TISSEC) ,2010,13(3) .,24. 被引量:1
  • 4Ardagna C A, Cremonini M, De Capitani di Vimercati S, et al. A privacy-aware access control system[J]. Journal of Computer Security, 2008,16 (4) : 369-397. 被引量:1
  • 5Ardagna C A,Damiani E,di Vimercati S D C,et al. Towards pri- vacy-enhanced authorization policies and languages[M]//Data and Applications Security XIX. Springer Berlin Heidelberg, 2005.. 16-27. 被引量:1
  • 6Kolter J,Schillinger R, Pernul G. A privacy-enhanced attribute- based access control system[C]//Proc, of the 21st Annual IFIP WG 11.3 Working Conference on Data and Applications Securi- ty. Edondo Beach, CA, USA, July 2007. 被引量:1
  • 7Ferraiolo D F, Sandhu R, Gavrila S, et al. Proposed NIST stan- dard for role-based access control[J]. ACM Transactions on In- formation and System Security (TISSEC), 2001,4(3) : 224-274. 被引量:1
  • 8Ferraiolo D, Cugini J, Kuhn D R. Role-based access control (RBAC) : Features and motivations [C] // Proceedings of llth Annual Computer Security Application Conferenc, 1995.,241-248. 被引量:1
  • 9Anderson A. A comparison of two privacy policy languages:EP- AL and XACML[C]//Proceedings of the 3rd ACM Workshop on Secure Web Service. 2005. 被引量:1
  • 10Ardagna C A,Cremonini M,De Capitani di Vimercati S,et al. A privacy-aware access control system[J]. Journal of Computer Security, 2008,16(4) :369-397. 被引量:1

二级参考文献8

  • 1US Department of Health and Human Services. Summary of HIPAA Privacy Rule[OL].http://www,hhs.gov/ocr/hipaa/,2004. 被引量:1
  • 2Agrawal R,Kiernan J,Srikant R. Xu.Hippocratic Databases[A].VLDB Endowment,2002. 被引量:1
  • 3Gertz M,Jajodia S. Handbook of Database Security:Applications and Trends[M].Springer-Verlag,2007.27-53. 被引量:1
  • 4Damiani E,S De Capitani di Vimercati,Paraboschi S. A Fine-Grained Access Control System for XML Documents[J].ACM Transactions on Information and System Security,2002.169-202. 被引量:1
  • 5Finance B,Medjdoub S,Pucheral P. The case for access control on XML relationships[A].Acm Press,2005. 被引量:1
  • 6Koromilas L,Chinis G,Fundulaki I. Controlling access to XML documents over XML native and relational databases[A].Berlin:springer-verlag,2009. 被引量:1
  • 7Byun J W,Bertino E,Lui N. Purpose-Based Access Control of Complex Data for Privacy Protection[A].Acm Press,2005. 被引量:1
  • 8Afrati F,Chirkova R. Manolis Gergatsoulis etal,On Rewriting XPath Queries Using Views[A].Acm Press,2009. 被引量:1

共引文献2

同被引文献72

引证文献8

二级引证文献32

计算机科学
2016年 第1期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部