
Access control model for government collaboration

Government collaborative scenarios are characterized by diverse and complex requirements, difficulty in managing personnel turnover, a high level of data privacy, and large data volumes. To address these characteristics, a Government-Based Access Control (GBAC) model for government collaborative office work was proposed. Access control in government collaborative scenarios must meet the requirement that multiple departments perform different operations on the same resource. The existing mainstream access control technologies suffer from insufficiently fine granularity and excessively high management and maintenance costs, and a secure, flexible, and precise access control model is lacking. Therefore, drawing on the operating mechanisms of government departments, firstly, the government organizational structure and the administrative division structure were integrated into the access control model, and a belonging relationship tree of government staff, organizations, resources, and administrative divisions was constructed. Secondly, attributes such as the organization and position to which government staff belong were combined to construct a joint subject, so that permissions are granted and revoked automatically. Thirdly, based on organizational functions and administrative division levels, a subject-object attribute matching strategy was designed to break down data barriers and improve authentication efficiency. Finally, the idea of permission hierarchy was introduced: data levels and functional levels were set for resources to control the access threshold of the subject, which enhanced model flexibility and further ensured data security. Experimental results show that, compared with benchmark models such as Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC), the GBAC model significantly reduces memory consumption and has lower access latency. The proposed model can therefore implement permission management in government collaborative scenarios securely, efficiently, and flexibly.

Keywords: access control; access policy; government collaboration; data sharing; Role-Based Access Control (RBAC); Attribute-Based Access Control (ABAC)

Zhao Dayan, He Huajun, Li Yuping, Zhang Junbo, Li Tianrui, Zheng Yu

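School of Computing and Artificial Intelligence, Southwest Jiaotong University, Chengdu 611756

Beijing JD Intelligent City Big Data Research Institute, Beijing 100176

JD City (Beijing) Digital Technology Co., Ltd., Beijing 100176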

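Journal: Journal of Computer Applications (计算机应用)
Publisher: Chengdu Institute of Computer Application, Chinese Academy of Sciences
Indexing: Peking University Core Journals (北大核心)
Impact factor: 0.892
ISSN: 1001-9081
Year, volume (issue): 2025, 45(1)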