基于区块链的指挥信息系统用户权限管理问题研究
|
摘要
针对传统的指挥信息系统用户权限管理机制存在的授权模式单一、中心化和缺乏审计手段等问题,提出了一种基于区块链的指挥信息系统用户权限管理方案.利用区块链的"多链"架构划分指挥信息系统的业务席位,使得不同的业务数据在操作层面上相互隔离.通过用户权限策略的设计,实现了对指挥信息系统用户操作行为的统一规范管理.实验与分析结果表明,该方法实现了去中心化、不可篡改的用户权限数据记录模式,相较于传统方法更具安全性,并且拓展了"单链"区块链架构,提高了数据利用率.
Aiming at the problems of the single authorization mode, centralization and lack of auditing methods for the traditional user permission management in C~4ISR, a blockchain-based user permission management scheme for C~4ISR is proposed. The "multi-chain"architecture of the blockchain is used to divide the business seats of the C~4ISR, separates different business data from each other at the operational level. Through the design of user permission policies, the unified standard management of user operation behavior in C~4ISR is implemented. Experimental and analytical results show that our scheme implements decentralized and non-tamperable user permission data recording mode which is more secure than traditional schemes in C~4ISR, and expands the "single-chain" blockchain architecture to improve data utilization.
Aiming at the problems of the single authorization mode, centralization and lack of auditing methods for the traditional user permission management in C~4ISR, a blockchain-based user permission management scheme for C~4ISR is proposed. The "multi-chain"architecture of the blockchain is used to divide the business seats of the C~4ISR, separates different business data from each other at the operational level. Through the design of user permission policies, the unified standard management of user operation behavior in C~4ISR is implemented. Experimental and analytical results show that our scheme implements decentralized and non-tamperable user permission data recording mode which is more secure than traditional schemes in C~4ISR, and expands the "single-chain" blockchain architecture to improve data utilization.
引文
1曹雷.指挥信息系统[M].北京:国防工业出社,2012.
2王丹丹.信息化战场指挥信息系统安全保障体系研究[D].郑州:解放军信息工程大学,2012.
3姜斌,许桂明.指挥信息系统安全防护工程化设计[J].指挥信息系统与技术,2014,5(6):83-90.
4蒋春芳.信息作战环境下信息系统安全体系结构若干问题研究[D].武汉:华中科技大学,2005.
5袁勇,王飞跃.区块链技术发展现状与展望[J].自动化学报,2016,42(4):481-491.
6钱卫宁,邵奇峰,朱燕超,等.区块链与可信数据管理:问题与方法[J].软件学报,2018,29(1):150-159.
7王飞跃,袁勇,王帅,等.军事区块链:从不对称的战争到对称的和平[J].指挥与控制学报,2018,4(3):175-182.
8袁勇,王飞跃.平行区块链:概念、方法与内涵解析[J].自动化学报,2017,43(10):1703-1712.
9 NOFER M,GOMBER P,HINZ O,et al.Blockchain[J].Business&Information Systems Engineering,2017,59(3):183-187.
10 NAKAMOTO S.Bitcoin:a peer-to-peer electronic cash system[EB/OL].(2009-01-02)[2019-03-21].https://bitcoin.org/bitcoin.pdf.
11 ZHENG Z B,XIE S A,DAI H N,et al.Blockchain challenges and opportunities:a survey[J].International Journal of Web and Grid Services,2018,14(4):352-375.
12 HYPERLEDGER.Hyperledger project[EB/OL].(2018-12-04)[2019-03-21].https://www.hyperledger.org.
13 CORDA.Corda project[EB/OL].(2018-09-17)[2019-03-21].https://www.corda.net.
14 COSMOS.Cosmos project[EB/OL].(2019-01-09)[2019-03-21].https://cosmos.network.
15 BELL D E,LAPADULA J L.Secure computer system:mathematical foundations[R].M74-244.The MITRE Corporation,Bedford,1973.
16 BELL D E,LAPADULA J L.Secure computer systems:unified exposition and MULTICS interpretation[R].MTR-2997 Revision 1.The MITRECorporation,Bedford,1976.
17 SZABO N.Smart contracts[EB/OL].(201811-05)[2019-03-21].http://www.fon.hum.uva.nl/rob/Courses/InformationInSpeech/CDROM/Literature/LOTwinterschool2006/szabo.best.vwh.net/smart.contracts.html.
18 WG.Wrk project[EB/OL].(2018-01-12)[2019-03-21].https://github.com/wg/wrk.
19陈华平,范修斌,吕述望.基于标识的证书认证体制[P].CFL:CN102957536B 2013-03-06.
2王丹丹.信息化战场指挥信息系统安全保障体系研究[D].郑州:解放军信息工程大学,2012.
3姜斌,许桂明.指挥信息系统安全防护工程化设计[J].指挥信息系统与技术,2014,5(6):83-90.
4蒋春芳.信息作战环境下信息系统安全体系结构若干问题研究[D].武汉:华中科技大学,2005.
5袁勇,王飞跃.区块链技术发展现状与展望[J].自动化学报,2016,42(4):481-491.
6钱卫宁,邵奇峰,朱燕超,等.区块链与可信数据管理:问题与方法[J].软件学报,2018,29(1):150-159.
7王飞跃,袁勇,王帅,等.军事区块链:从不对称的战争到对称的和平[J].指挥与控制学报,2018,4(3):175-182.
8袁勇,王飞跃.平行区块链:概念、方法与内涵解析[J].自动化学报,2017,43(10):1703-1712.
9 NOFER M,GOMBER P,HINZ O,et al.Blockchain[J].Business&Information Systems Engineering,2017,59(3):183-187.
10 NAKAMOTO S.Bitcoin:a peer-to-peer electronic cash system[EB/OL].(2009-01-02)[2019-03-21].https://bitcoin.org/bitcoin.pdf.
11 ZHENG Z B,XIE S A,DAI H N,et al.Blockchain challenges and opportunities:a survey[J].International Journal of Web and Grid Services,2018,14(4):352-375.
12 HYPERLEDGER.Hyperledger project[EB/OL].(2018-12-04)[2019-03-21].https://www.hyperledger.org.
13 CORDA.Corda project[EB/OL].(2018-09-17)[2019-03-21].https://www.corda.net.
14 COSMOS.Cosmos project[EB/OL].(2019-01-09)[2019-03-21].https://cosmos.network.
15 BELL D E,LAPADULA J L.Secure computer system:mathematical foundations[R].M74-244.The MITRE Corporation,Bedford,1973.
16 BELL D E,LAPADULA J L.Secure computer systems:unified exposition and MULTICS interpretation[R].MTR-2997 Revision 1.The MITRECorporation,Bedford,1976.
17 SZABO N.Smart contracts[EB/OL].(201811-05)[2019-03-21].http://www.fon.hum.uva.nl/rob/Courses/InformationInSpeech/CDROM/Literature/LOTwinterschool2006/szabo.best.vwh.net/smart.contracts.html.
18 WG.Wrk project[EB/OL].(2018-01-12)[2019-03-21].https://github.com/wg/wrk.
19陈华平,范修斌,吕述望.基于标识的证书认证体制[P].CFL:CN102957536B 2013-03-06.