摘要
大数据技术越来越被重视,应用也越来越广,同时也引发了大家对大数据安全的关注.在众多安全问题中,重点讨论大数据环境下细粒度的访问控制与审计管理的问题,从大数据的4V和分布式应用的特征入手,分析了以往访问控制方式无法适应大数据的安全需求,从而提出利用4A和安全探针技术,以及ABAC的访问控制机制,以内外相结合的方式,实现了在大数据环境中基于行为的全过程细粒度的访问控制与审计管理的解决方案.
Big data technology is getting more and more attention and is used more and more widely. It also led to concerns for the security of big data. Among all the security issues 〉 this paper focuses on the problem of fine-grained access control and audit management in the context of big data. Starting from the characteristics of 4V and distributed application of big data? this paper analyzes why previous access control methods couldn,t adapt to the security requirements of big data, and proposes the based-on-behavior whole process fine-grained access control and audit management solutions under the circumstances of big data, utilizing the 4A and security agent technology, as well as ABAC access control mechanism. The combination of inside and outside, realized in the big data environment, based on the behavior of the whole process management of fine-grained access control and auditing of the solution.
作者
张锐卿
汤泰鼎
万可
Zhang Ruiqing Tang Taiding and Wan Ke(Topsec Technologies Inc. 9 Beijing 100085)
出处
《信息安全研究》
2017年第6期509-515,共7页
Journal of Information Security Research
