In the complicated and changeable environment,the size,complexity,and sensitivity of the provenance data gradually improved,accessed control to the provenance data is more com-plex than the traditional data.In order to prevent the fine-grained provenance data against illegal access by unauthorized users,combined with the basic properties of provenance that was defined in provenance core data model PROV-DM under W3C standard,we proposed an attribute-based provenance access control model ABPAC and an attribute description model of ABPAC.We made a formal description to the ABPAC model from six aspects,divided user attributes,and realized the user access provenance data flexible and accurately through the attribute match method of provenance.Finally,we provided the realization process.Analysis results show that the model can better meet the needs of fine-grained access to the provenance data.%在复杂多变的网络环境下,起源数据的规模、复杂度、敏感度逐渐提升,对起源数据的访问控制比传统数据的访问控制更加复杂。为了防止细粒度的起源数据遭受未授权用户的非法访问,结合 W3 C标准下起源核心数据模型PROV-DM中定义的起源基本属性,提出了一种基于属性的起源访问控制模型ABPAC和ABPAC模型的属性描述模型。从六个方面对 ABPAC 模型进行形式化描述,划分了用户属性,并通过起源属性匹配方法实现了用户灵活、准确地对起源数据进行访问,最后给出了模型的实现流程。分析表明,该模型能够较好的满足对细粒度起源数据的访问需求。
展开▼