
A Highly Secure Access Control Scheme for Web Services Based on Context-aware

Abstract


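When role-based access control (RBAC) is applied to web services, it lets administrators efficiently review the permissions a user currently holds. However, as networks develop and become widespread, network security problems keep emerging, and existing access control mechanisms are insufficient to ensure the security of web services. This research therefore not only uses a context-aware mechanism to compensate for the shortcomings of RBAC, but also uses a decision tree algorithm to mine hidden contexts. Context-aware technology can dynamically adjust users' access restrictions as time, location, and environmental state change, and can provide appropriate services and access content according to the characteristics of the communication device, making the authorization mechanism more flexible; the system thus improves in both security and execution efficiency. The proposed mechanism first integrates single sign-on with cross-domain RBAC to resolve inconsistent permissions across multiple systems and role conflicts, then achieves flexible authorization through context-aware technology, and further adopts a decision tree algorithm to make context inference more precise, improving the security and execution efficiency of the system's information transmission.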

Parallel Abstract


As network security problems grow more and more serious, the existing role-based access control (RBAC) mechanisms are insufficient. Therefore, our research improves the RBAC mechanism by adding context-aware functionality, and further analyzes hidden context data using the decision tree algorithm. The context-aware technique can dynamically adjust users' access constraints according to different temporal, spatial and environmental factors, and at the same time provide adaptable access contents according to the distinctive features of the equipment (or devices), so that it can greatly enhance security and efficiency in information systems. Our proposed scheme integrates single sign-on and the cross-domain RBAC mechanism to solve inconsistent authority and role conflict problems among multiple systems in web services, and further achieves flexible authorization by using the context-aware technique. Moreover, in order to improve system security and efficiency for information transmission in web services, we further employ the decision tree algorithm to enhance the precision of context inference.
