Security access control is an urgent issue to be solved in the field of cloud computing security,in which implementing reasona-ble dynamic monitoring users' activity to ensure the security of resources after logging in the system is the hot issue of current investiga-tion. The traditional access control policy can' t satisfy the current security requirements,just integrating roles with users can' t fully re-flect the users' security attributes,and can' t obtain the users' behavior in real time. Therefore,a kind of access control model based on the evaluation of trust rank and assessment of behavior rating is put forward. Its trust management takes the cross-domain operation of the users into account,and combines the users' initial trust,historical trust and cross-domain reference trust for evaluation. During the process of accumulating trust,the system dynamically assigns different trust degrees to users according to their current trust. Meanwhile,the sys-tem monitors the users' behavior,and the monitoring time slice changes with user behavior level. The experimental analysis proves that it is more fine-grained,more reliable,safer and better real-time in security access control.%安全访问控制是云计算安全领域中一个迫切需要解决的问题,其中在用户登入系统后,实施合理的动态监控用户行为以确保资源安全是当前研究的热点.传统的访问控制策略已经不能满足现在的安全需求,单一地将用户和角色进行关联,并不能全面地反映用户的安全属性,也无法实时获取用户的行为.因此,提出了一种基于信任度评估和行为级别评估的访问控制模型.该模型的信任管理考虑了用户的跨域操作,结合用户的初始信用度、历史信用度和域间参考信用度进行综合评价,在信用度累积过程中,系统会根据用户的当前信用度,动态赋予用户不同的信用度加成,同时监控用户行为,根据用户行为级别,更改监控时间片.通过实验分析证明,该模型在安全访问控制上,更加细粒度,更加安全可靠,实时性更好.
展开▼
