Research on Access Control Technology Based on EUCON
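Abstract
With the development of network technology and the steady growth of Internet applications, ensuring that network resources are not used or accessed illegally has become increasingly important. In recent years, access control has become a research hotspot in computer science. Although traditional attribute-based access control is widely applied in digital information systems, the existing authorization models no longer meet the needs of systems such as copyright protection well. Their main limitations are: 1) the permission model takes the system's point of view and protects resources with a passive security model built on the subject-object view; 2) the authorization model is static: a subject holds its permissions before the task is executed, which cannot address the illegal use of digital resources in dynamic distributed systems.
To address these shortcomings of existing access control models, this thesis proposes a new dynamic permission authorization model, Extended Usage Control (EUCON), a usage control model based on attribute-based RBAC with delegation. On top of the EUCON framework model, a dynamic logic description model of EUCON is built using Interval Temporal Logic (ITL). So that the EUCON delegation mechanism can support more flexible fine-grained delegation, the thesis proposes a new fine-grained RBAC delegation model based on a mapping mechanism (Fine-Grained Role Delegation Model Based Permission Mapping Mechanism, RDBMPM). Roles are a component of the EUCON model, and resolving the problems of permission management based on role hierarchies lays the foundation for EUCON's permission management. Because role hierarchies no longer reflect the organizational structure of roles well in large distributed application systems, the thesis re-analyzes the relationship between a role's permission types and roles, introduces the concept of the atom role, and proposes an authorization model based on atom roles (Atom-Role-Based Access Control, ATRBAC), which greatly enhances the flexibility and security of the EUCON permission management system.
The EUCON model inherits the advantages of the UCON model and extends and refines it with respect to attributes, roles and delegation, which allows EUCON to provide more flexible access control. Finally, the thesis gives an application example of the EUCON model: a EUCON-based digital rights protection system, EUDRMPS (Extended Usage Control for DRM Protection System), which demonstrates the model's practical value.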
With the development of network technology and the growth of Internet applications, the issue of how to protect network resources from unauthorized use and access has become increasingly important. In recent years, research on access control has become a hot field in computer science. Although traditional attribute-based access controls have been widely used in digital information systems, the original authorization models can't meet some system requirements well, such as copyright protection. Their main faults are as follows: firstly, most of these models are based on the subject-object view and use passive strategies to protect resources from the point of view of the system; secondly, the authorization models are static, so subjects hold privileges before tasks are carried out, which can't solve the problem of illegal use of digital resources in dynamic, distributed systems.
To address the deficiencies of existing access control models, this paper proposed a model called EUCON: a usage control model based on attribute-RBAC with delegation. Then, in order to formally describe the EUCON core model, a EUCON logic model based on Interval Temporal Logic (ITL) was proposed. Thirdly, to ensure that the EUCON model supports fine-grained delegation, this paper proposed the RDBMPM model: a fine-grained role delegation model based on a permission mapping mechanism. Roles are a part of the EUCON model, and solving the problem of rights management based on role hierarchy will lay the foundation for the model's rights management. Role hierarchy can't reflect the roles' organizational structure well in large-scale distributed application environments. To address this fault, this paper, by studying the role relationships and their transformation method, proposed the concept of the atom role and constructed a new atom-role-based access control model, called ATRBAC, which enhances the flexibility and security of the EUCON model (or rights management system).
The EUCON model, which can provide more flexible access control, has inherited the advantages of the UCON model and expanded it in the aspects of attribute, role, delegation, etc. Lastly, this paper gave an application case of the EUCON model: extended usage control for DRM protection system (called EUDRMPS), which reflects the model's utility value.
