Abstract
The multi-tenant service mode and the need to protect users' privacy in the cloud computing environment bring some new problems and challenges to the access control of a workflow management system. By considering the different degrees of privacy involved in the workflow tasks and task combinations, the different privacy requirements of tenants, and task execution constraints on characteristic elements of the cloud computing environment such as time and service provider, a model of Privacy-aware Multi-tenant Access Control for Cloud Workflow (PMAC-CW) was proposed. A privacy-aware authorization method supporting dynamic separation of duty for the PMAC-CW model was also proposed. It was proved that the PMAC-CW model and the privacy-aware authorization method were practical and feasible by applying them in real cloud workflow applications.
Authors
文一凭
刘建勋
窦万春
陈爱民
周昱昊
WEN Yiping; LIU Jianxun; DOU Wanchun; CHEN Aiming; ZHOU Minhao (Key Laboratory of Knowledge Processing and Networked Manufacture, Hunan University of Science and Technology, Xiangtan 411000, China; Department of Computer Science and Technology, Nanjing University, Nanjing 210023, China; Planning Information Technology Research Center of Xiangtan, Xiangtan 411100, China; Xiangtan Iron & Steel Co., Ltd. of Hunan Valin, Xiangtan 411201, China)
Source
《计算机集成制造系统》
EI
CSCD
Peking University Core Journals
2019, Issue 4, pp. 894-900, 7 pages in total
Computer Integrated Manufacturing Systems
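Funding
National Natural Science Foundation of China (61402167, 61772193, 61572187)
Natural Science Foundation of Hunan Province (2017JJ4036, 2018JJ2139)
Open Fund of the Innovation Platform of the Education Department of Hunan Province (17K033)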
Keywords
access control
multi-tenant
cloud workflow
privacy
authorization method