資訊管理學報
曹偉駿;鄭博元;李建邦;
頁: 167-192
日期: 2013/04
摘要: 以角色為基礎的存取控制(Role-based Access Control; RBAC)方式應用於網路服務中,雖然可使管理者有效率地檢視使用者目前所擁有的權限,然而隨著網路的發展與普及,網路安全問題層出不窮,現有存取控制機制是不足以確保網路服務的安全性。因此,本研究除了以情境感知機制彌補RBAC的不足,更進一步使用決策樹演算法探勘隱藏情境。其中,情境感知技術能隨著不同的時空與環境狀態變化,動態地調整用戶存取限制,並依照通訊裝置的特色,提供適當的服務與存取內容,使得授權機制更為彈性,故系統不論在安全性或執行效率上,皆能夠獲得較佳的改善。本機制首先整合單一登入與跨網域RBAC,改善多系統權限不一與角色衝突的問題,並藉由情境感知技術達到彈性授權之目的,更進一步地採用決策樹演算法,使得情境的推論更加精準,以提升系統在資訊傳輸的安全性及執行效率。
關鍵字: 網路服務;角色為基礎的存取控制;資訊安全;情境感知;決策樹;
Abstract: With the more and more serious networks security problems, the existing role-based access control (RBAC) mechanisms are insufficient. Therefore, our research will improve RBAC mechanism by adding the functionality of context-aware, and further analyze hidden context data using the decision tree algorithm. The context-aware technique can dynamically adjust users' access constraints with differently temporal, spatial and environmental factors, and at the same time provide adaptable access contents according to distinctive features of equipment (or devices), such that it can extremely enhance security and efficiency in the information systems. Our proposed scheme will integrate the single sign-on and cross-domain RBAC mechanism to solve inconsistent authority and role conflict problems among multi-system in web services, and further achieve the capability of flexible authorization by using context-aware technique. Moreover, in order to improve the system security and efficiency for information transmissions of web services, we further employ the decision tree algorithm to enhance the precision of context inference.
Keywords: Web services;RBAC;Information security;Context-aware;Decision tree;
瀏覽次數: 18410 下載次數: 2740
引用 導入Endnote
頁: 167-192
日期: 2013/04
摘要: 以角色為基礎的存取控制(Role-based Access Control; RBAC)方式應用於網路服務中,雖然可使管理者有效率地檢視使用者目前所擁有的權限,然而隨著網路的發展與普及,網路安全問題層出不窮,現有存取控制機制是不足以確保網路服務的安全性。因此,本研究除了以情境感知機制彌補RBAC的不足,更進一步使用決策樹演算法探勘隱藏情境。其中,情境感知技術能隨著不同的時空與環境狀態變化,動態地調整用戶存取限制,並依照通訊裝置的特色,提供適當的服務與存取內容,使得授權機制更為彈性,故系統不論在安全性或執行效率上,皆能夠獲得較佳的改善。本機制首先整合單一登入與跨網域RBAC,改善多系統權限不一與角色衝突的問題,並藉由情境感知技術達到彈性授權之目的,更進一步地採用決策樹演算法,使得情境的推論更加精準,以提升系統在資訊傳輸的安全性及執行效率。
關鍵字: 網路服務;角色為基礎的存取控制;資訊安全;情境感知;決策樹;
A Highly Secure Access Control Scheme for Web Services Based on Context-aware
Abstract: With the more and more serious networks security problems, the existing role-based access control (RBAC) mechanisms are insufficient. Therefore, our research will improve RBAC mechanism by adding the functionality of context-aware, and further analyze hidden context data using the decision tree algorithm. The context-aware technique can dynamically adjust users' access constraints with differently temporal, spatial and environmental factors, and at the same time provide adaptable access contents according to distinctive features of equipment (or devices), such that it can extremely enhance security and efficiency in the information systems. Our proposed scheme will integrate the single sign-on and cross-domain RBAC mechanism to solve inconsistent authority and role conflict problems among multi-system in web services, and further achieve the capability of flexible authorization by using context-aware technique. Moreover, in order to improve the system security and efficiency for information transmissions of web services, we further employ the decision tree algorithm to enhance the precision of context inference.
Keywords: Web services;RBAC;Information security;Context-aware;Decision tree;
瀏覽次數: 18410 下載次數: 2740
引用 導入Endnote