现有的基于角色的访问控制(RBAC)是一种静态的访问控制方法,特定的用户只能映射到固定的角色中,无法满足身份与角色之间的动态关系。文章结合移动互联网位置性和实时性的特点,引入位置态和时间态,给出移动互联网环境下基于动态信任值的访问控制方法。同一用户在不同的位置态和时间态下对应着不同的角色,拥有不同的访问权限。同时,用户的信任值不再是一成不变的,一方面,随着用户对不同资源的访问,用户的信任值会增加或者减少;另一方面,用户的信任值会类似于遗忘曲线一样随着时间的流逝而递减。文中方法通过动态调整用户的信任值,克服了当前访问控制在移动互联网环境下安全性不足的缺点,能够有效控制用户在不同状态下对不同资源的访问权限。实验证明,该方法正确、有效。%The existing role based access control (RBAC) is a kind of static access control method. A user can only be mapped to a ifxed role, and can’t meet the dynamic relationship between user and role in this method. This paper, according to the characteristics of mobile Internet, introduces the location state and time state, gives the access control method based on dynamic trust in mobile Internet environment. The same user has different roles in different location states and time states, and has different access permissions. At the same time, user trust degree is no longer immutable, user’s trust will increase or decrease with access to different resources, and user’s trust degree will decreasing with the passage of time. By dynamically adjusting the user’s trust degree, it overcomes the shortcomings of the current access control in the mobile Internet environment, and effectively controls the user’s access permission in different conditions. Experiments show that the method is correct and effective.
展开▼
