Source information
Abstract
English
To address the cross-cloud, cross-level and cross-domain security problems of multi-level hybrid cloud computing, as well as the single role-establishment method, implicit privilege promotion and separation-of-duties conflicts found in traditional cross-domain authorization management models, a new cross-domain authorization management model for multi-level hybrid cloud computing is proposed, based on a novel two-tier role architecture. The two-tier role architecture, which is set in the area of arrangement, better meets the practical needs of role establishment and management. Building on it, the proposed unidirectional role mapping for cross-domain authorization avoids role mapping rings. In addition, introducing attributes and conditions enables dynamic adjustment of privileges. The model is described formally in dynamic description logic, including its concepts, relations and management operations. Finally, the security of the model is analyzed and an example is presented to illustrate its effectiveness and practicality.
Table of contents
1. Introduction
2. Dynamic Description Logic
3. Main Idea of the Model
3.1 Two-tier Role Architecture
3.2. Cross Domain Authorization Management based on Unidirectional Role Mapping
4. DDL-Based Description of the Model
5. Security Analysis of the Model
6. An Example of Cross-Domain Authorization
7. Conclusion
References