TA-BAC:基于有向无环图的访问控制模型
TA-BAC:Access control model based on directed acyclic graph
周川 1袁凌云 2黄敏敏1
作者信息
- 1. 云南师范大学信息学院,云南昆明 650500
- 2. 云南师范大学信息学院,云南昆明 650500;云南师范大学民族教育信息化教育部重点实验室,云南昆明 650500
- 折叠
摘要
为解决传统访问控制模型存在有效期内策略获取困难、传输过程安全性低等问题,研究更细粒度、更具适用性的基于属性权能的访问控制模型(token attribute based access control,TA-BAC).构建一种基于DAG区块链的TA-BAC访问控制模型;实现轻量化区块链存储,设计灵活的策略获取流程;引入基于属性的加密算法实现访问控制流程中凭证to-ken 的安全性增强机制.对优化后的访问控制模型进行分析验证,其结果表明,该模型具有较好的安全性和更高的性能,面对不同规模的访问控制场景具备良好的适用性.
Abstract
To solve the problems in the traditional access control model,such as difficulties in obtaining policies within the validity period,and low security in the transmission process,a finer-grained and more applicable token attribute based access control(TA-BAC)model was studied.A TA-BAC access control model based on the DAG blockchain was constructed.The lightweight blockchain storage was implemented,and a flexible policy acquisition process was designed.An attribute-based encryption algo-rithm was introduced to realize the security of the credential token in the access control process sexual enhancement mechanism.The optimized access control model was analyzed and verified.The results show that the model has better security and higher performance,and has good applicability to access control scenarios of different scales.
关键词
区块链/访问控制模型/有向无环图/策略保护/身份认证/网络安全/存储优化Key words
blockchain/access control model/DAG/policy protection/identity authentication/network security/storage opti-mization引用本文复制引用
基金项目
国家自然科学基金(62262073)
云南省应用基础研究计划面上基金(202101AT070098)
云南省万人计划青年拔尖人才基金(YNWR-QNBJ-2019-237)
出版年
2024
NETL
NSTL
万方数据