CAJ | 학술논문

为实现移动节点跨域访问过程中的云资源保护,针对云环境和移动终端特点,借鉴已有的基于委托的RBAC 访问控制技术,提出了一种面向移动终端的跨域访问委托模型、委托机制,有效解决了移动终端所属域的动态多变问题.域管理节点维护的动态路由表,实现了移动节点的准确定位.模型给出了角色合成方法,结合量化角色技术,避免了映射过程中权限的隐蔽提升问题.委托申请频率阈值,避免了恶意节点频繁申请带来的资源耗尽风险.分析结果表明,模型具有较好的实用性和安全性,为实现现有跨域访问控制模型向移动终端扩展提供了新思路.
위실현이동절점과역방문과정중적운자원보호,침대운배경화이동종단특점,차감이유적기우위탁적RBAC 방문공제기술,제출료일충면향이동종단적과역방문위탁모형、위탁궤제,유효해결료이동종단소속역적동태다변문제.역관리절점유호적동태로유표,실현료이동절점적준학정위.모형급출료각색합성방법,결합양화각색기술,피면료영사과정중권한적은폐제승문제.위탁신청빈솔역치,피면료악의절점빈번신청대래적자원모진풍험.분석결과표명,모형구유교호적실용성화안전성,위실현현유과역방문공제모형향이동종단확전제공료신사로.
@@@@By considering the frequent migration characteristic of mobile terminal and the existing delegation based RBAC, the delegation based cross-domain access control model in cloud computing of the mobile terminal is presented. This delegation model can solve the problems of the frequent migration. It makes the management node of each domain maintain a dynamic routing table to locate the node. Also, a synthetic method to obtain synthetic mapping role is proposed. By combining the quantified-role method, the delegated node obtains the final mapping role of this cross-domain requirement. This can effectively solve the problem of permission hidden ascension in the mapping. The requirement frequency threshold will avoid the risk which is caused by the malicious node’s excessive operation. Analysis shows that the model has better security.