中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 软件所图书馆  > 期刊论文
Subject: Computer Science
Title:
分布式环境下可信使用控制实施方案
Alternative Title: an approach of trusted usage control in distributed environment
Author: 胡浩 ; 冯登国 ; 秦宇 ; 于爱民
Keyword: 可信计算 ; 可信平台模块 ; UCON模型 ; 分布式访问控制 ; 可信使用控制
Source: 计算机研究与发展
Issued Date: 2011
Volume: 48, Issue:12, Pages:2201-2211
Indexed Type: CNKI ; EI ; CSCD ; WANFANG
Department: 中国科学技术大学电子工程与信息科学系;信息安全国家重点实验室(中国科学院软件研究所);信息安全共性技术国家工程研究中心;
Sponsorship: 国家科技支撑计划基金项目(2008BAH22B06)|国家“八六三”高技术研究发展计划基金项目(2007AA01Z465)|国家自然科学基金项目(60970028)|中国科学院知识创新工程领域前沿项目(ISCAS2009-DR14,ISCAS2009-GR03)
Abstract: 当前分布式环境下,数据分发后产生了多种新的安全需求,传统的访问控制模型早已无法满足实际需要.因此,基于新型的使用控制模型UCON和可信计算技术,针对分布式环境下的信息安全需求,构建了一种通用的、可协商的可信使用控制架构TUC(trusted usage control).该架构利用硬件信任根TPM实施使用控制,引入策略和密钥协商机制,保证数据分发、传输、存储和使用控制过程中的机密性、完整性、可控性.此外,通过使用控制策略与分发数据的绑定,TUC的使用控制实施不会局限于特定的应用环境,增强了方案的通用性.针对原型系统的性能测试表明,TUC的表现达到了预期,为分布式环境下的访问控制实施提供了可行的解决方案.
English Abstract: In distributed environment, digital data can be easily distributed and various kinds of security requirements emerge after the data distribution. However, traditional access control solutions suffer from difficulties both in the access rights authorization and the usage policy enforcement, especially under the heterogeneous, distributed network environments. In this paper, a new architecture called TUC (trusted usage control) is proposed against the information security requirements under distributed environment based on usage control model and trusted computing technology. TUC is presented to achieve usage control based upon the hardware trust root TPM. In this way, confidentiality, integrity and controllability of the data are assured not only in distribution, transmission, storage but also in usage control. It is necessary to design TUC as a general access solution by binding policies to the usage-controlled digital content. So TUC isn't limited to the specific application environment. Moreover, TUC is a negotiable solution because of the key and policy negotiation in our design. In this way, both the user's and the owner's requirements are taken into consideration. The design and implementation of TUC is then detailed in this paper. Test results show that the performance of TUC is acceptable for access control in distributed environment.
Language: 中文
Citation statistics:
Content Type: 期刊论文
URI: http://ir.iscas.ac.cn/handle/311060/16133
Appears in Collections:软件所图书馆_期刊论文

Files in This Item:

There are no files associated with this item.


Recommended Citation:
胡浩,冯登国,秦宇,等. 分布式环境下可信使用控制实施方案[J]. 计算机研究与发展,2011-01-01,48(12):2201-2211.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[胡浩]'s Articles
[冯登国]'s Articles
[秦宇]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[胡浩]‘s Articles
[冯登国]‘s Articles
[秦宇]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2019  中国科学院软件研究所 - Feedback
Powered by CSpace