CN105282160A - Credibility-based dynamic access control method - Google Patents

Credibility-based dynamic access control method Download PDF

Info

Publication number
CN105282160A
CN105282160A CN201510724331.4A CN201510724331A CN105282160A CN 105282160 A CN105282160 A CN 105282160A CN 201510724331 A CN201510724331 A CN 201510724331A CN 105282160 A CN105282160 A CN 105282160A
Authority
CN
China
Prior art keywords
user
access control
server
credit value
trust
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510724331.4A
Other languages
Chinese (zh)
Other versions
CN105282160B (en
Inventor
刘武
唐再良
文永革
赵永驰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
MIANYANG TEACHERS COLLEGE
Original Assignee
MIANYANG TEACHERS COLLEGE
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by MIANYANG TEACHERS COLLEGE filed Critical MIANYANG TEACHERS COLLEGE
Priority to CN201510724331.4A priority Critical patent/CN105282160B/en
Publication of CN105282160A publication Critical patent/CN105282160A/en
Application granted granted Critical
Publication of CN105282160B publication Critical patent/CN105282160B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention relates to the Internet technical field and particular to a credibility-based dynamic access control method. The credibility-based dynamic access control method is put forwards based on requirements for distributed network computing environment and defects in existing network security management mechanisms. According to the credibility-based dynamic access control method of the invention, a credibility mechanism is adopted to perform dynamic evaluation on the behaviors of users, and the credibility of the users and the authority of the users are dynamically bound, and therefore, a credibility-based dynamic access control mechanism can be realized, and malicious behaviors of the users can be prevented timely. With the credibility-based dynamic access control method of the invention adopted, a valid identity authentication and dynamic access control means can be provided for Internet applications. The credibility-based dynamic access control method has excellent expansibility and can meet requirements of future development of the Internet applications.

Description

Based on the dynamic accesses control method of prestige
Technical field
The present invention relates to Internet technical field, specifically disclose a kind of dynamic accesses control method based on prestige.
Background technology
In distributed network computing environment, network security management is a difficult problem.1996, first AT & T laboratory proposes the concept of trust management, this kind of management system is commonly called the authoring system based on ability (capability-based), this system needs service side in advance for requesting party issues the credentials of assigned operation authority, cannot set up dynamic trusting relationship with strange side.Relying on body attribute (property-based) to authorize, is a kind of effective ways for the relation that breaks the wall of mistrust between strange side.
Tradition access control technology is mainly authorized based on the identity of requesting party, needs to set unified safety management domain.In open the Internet, due to features such as the many scales of quantity participating in main body are large, the isomerism of running environment, the dynamic of moving target and independences, the access control technology of identity-based is made to be difficult to realize authorizing access control across multiple security domain, need to seek a kind of more efficiently trusting relationship method for building up, realize the conversion from the access control technology of identity-based to new technology, to meet the growth requirement of distributed network computing.
The present invention is directed to the demand of distributed network computing environment, and the drawback that existing network security management mechanism exists, propose the dynamic accesses control method based on prestige, introduce faith mechanism and dynamic evaluation is carried out to user behavior, and the credit worthiness of user and user right are carried out dynamic binding, realize, based on the dynamic access control mechanism of trusting, stoping user's malicious act in time.
Summary of the invention
The object of the invention is to: in the safety management field of distributed network computing environment, introduce faith mechanism and dynamic evaluation is carried out to user behavior, and the credit worthiness of user and user right are carried out dynamic binding, realize, based on the dynamic access control mechanism of trusting, stoping user's malicious act in time.Be network management, network security monitoring carries out technical support, and a kind of dynamic accesses control method based on prestige provided.
Step (1), sets up the dynamic access control architectural model based on prestige;
As shown in Figure 1, this model forms primarily of IDProvider, ResourceProvider and CreditProvider.Wherein, IDProvider mainly provides unified mark and authentication service, for grid system provides unified user ID, and provides cross-domain identity authentication service; ResourceProvider realizes the authentication to user by identity authorization system, and is realized the control of authority of user's access system resources by access control system; CreditProvider passes through audit with supervisory control system monitor user ' to the service condition of resource, to the raw information that trust service system provides credit value to calculate.Trust service system calculates/upgrades the credit value of user in real time, result of calculation is fed back on the one hand credit value information when IDProvider logs in as user next time, determines this user whether Internet access related system resource; Simultaneously also by result of calculation immediate feedback to ResourceProvider, controlled the access rights of user in real time according to access control policy by its access control system.
Step (2), based on the dynamic access control workflow of prestige;
Step (2.1), during customer access network resource, first carries out authentication.User submits identify label to authentication server, initiates authentication request;
Step (2.2), when authentication server receives the authentication request of user, first inquires about the credit value of this user to trust server, if credit value is lower than threshold value, disconnect user connects, authentication failure;
Step (2.3), if credit value is higher than threshold value, server requirement user provide authenticate key, then to certificate server inquiring user certificate, carries out authentication procedures;
Step (2.4), when user is by after authentication, is directed into access control server, access control server inquires about trust server again, obtain credit value and the license behavior list of user, in conjunction with the access control storehouse based on prestige, generate access control token;
Step (2.5), user holds access control token, according to the specific resources in license behavior list access system;
Step (2.6), the resource that user can only specify in access permission behavior list, while user's access system resources, monitoring server is responsible for supervisory user behavior and is taken situation, audit information write into Databasce of being correlated with to system resource;
Step (2.7), trust server extracts relevant raw information from audit database, calculates and upgrades user's credit value, and user's credit value of real-time update is fed back to authentication server and access control server in time;
Step (2.8), trust server, according to the current credit value of user, calculates the license behavior list that user is up-to-date.Concrete execution following steps:
Step (2.8.1), initialization, arranges and returns license behavior list for empty;
Step (2.8.2), the owner of Gains resources R;
Step (2.8.3), obtains the recommendation trust relation of user U according to trusting relationship;
Step (2.8.4), for each recommendation trust relation of U, obtains corresponding access control policy.If success, then obtain the license behavior based on this trusted policy; Otherwise according to the current credit value of user p, obtain default license behavior;
Step (2.8.5), upgrades license behavior list to be returned;
Step (2.8.6), repeats step (2.8.4) and (2.8.5);
Step (2.8.7), in the direct trusting relationship of trusting relationship concentrated setting main body to U;
Step (2.8.8), for each local trust relation, obtains corresponding access control policy.If success, then obtain the license behavior based on this trusted policy; Otherwise according to the current credit value of user U, obtain default license behavior;
Step (2.8.9), upgrades license behavior list to be returned;
Step (2.8.10), repeats step (2.8.8) and (2.8.9);
Step (2.8.11), returns license behavior list;
Step (2.9), on the one hand, access control server timing pulls up-to-date credit value and the license behavior list of the user of trust server real-time update, on the other hand, the up-to-date credit value of up-to-date user and license behavior list also can be pushed to access control server by trust server in real time.Access control server is according to the current credit value of the user of up-to-date acquisition and license behavior list, and the resource access authority of dynamic conditioning user, until the resources use right limit cancelling this user.Such as, due to illegal operation or malicious act cause credit value to drop to below threshold value time, access control server will cancel in real time user resources use right limit, avoid causing further network security accident.
The beneficial effect of the technical method of the present invention:
(1) introduce faith mechanism and dynamic evaluation is carried out to user behavior;
(2) the resource access authority of the credit worthiness of user and user is carried out dynamic binding.Long-term well behaved net behavior accumulation progressively can promote the credit value of user, makes honest user can obtain more multiple resource access rights; And malicious act will cause the sharply decline of credit value, thus reduce the resource access authority of bad behavior user further;
(3) realization is based on the dynamic access control mechanism of prestige, stops user's malicious act in time, eliminates potential network security incident in bud, energy available protecting Internet resources, the safe and highly efficient operation of Logistics networks system.
(4) the present invention can provide effective authentication and dynamic access control means for the application of Future Internet, is with good expansibility simultaneously, can adapts to the requirement that Future Internet application development brings.
Accompanying drawing explanation
Fig. 1. the dynamic access control architectural model based on prestige of the present invention;
Fig. 2. in the present invention, parameter lambda is on the impact of weight factor;
Fig. 3. of the present invention based on malicious node Transaction Success rate curve in the dynamic access control architectural model of prestige;
Fig. 4. the dynamic access control key algorithm based on prestige of the present invention.
Embodiment
Below in conjunction with embodiment, foregoing invention content of the present invention is described in further detail.
But this should be interpreted as that the scope of the above-mentioned theme of the present invention is only limitted to following embodiment.Without departing from the idea case in the present invention described above, according to ordinary skill knowledge and customary means, make various replacement and change, all should comprise within the scope of the invention.
One. set up user behavior trust service model
For existing trust model problem, the present invention proposes a kind of new user behavior trust model NATM:
T ( n ) = ω ( n ) | | T L S | | Σ P ∈ T L S { T P ( n ) + θ [ TR a v g - T P ( n ) ] } + ( 1 - ω ( n ) ) · T ( n - 1 ) - - - ( a )
Wherein:
Weight when ω (n) is n-th transaction, 0≤ω (n)≤1, n is transaction count, n=0,1,2,
θ is noise regulatory factor, 0≤θ≤1
Trust value when T (n) is n-th transaction
TLS is the trust chain collection of main body S to object O, || TLS|| is the element number of TLS
T pfor between S and O along the recommendation trust of trust chain P
TR avgfor the average recommendation trust value between S and O
Two. the design of weight factor ω (n)
1. designing requirement:
● S and 0 is when first transaction, and credit value depends on recommendation reputation value
● along with the increase of the transaction count of S and 0, S can there's a growing conviction that oneself to 0 evaluation, thus along with the direct dealing proportion of the increase S and 0 of transaction count should be increasing
2. a concrete ω (n)
ω(n)=λ n-1,0<λ<1,n=1,2,3,...(b)
(1) feature
● only need according to practical application, select an initial value λ
● save a large amount of memory cell
(2) selection principle of parameter lambda
Can find out the influence curve of weight factor according to parameter lambda in Fig. 2, choosing of parameter lambda should follow following principle:
● when the entity in network is few, the controling parameters λ that selection and comparison is little is proper
● when the entity in network is more, answer the λ value that selection and comparison is large
Three. the design of noise regulatory factor θ
The malicious act produced in nodes process of exchange is defined as noise by the present invention.This kind of noise is mainly reflected in the credit value being improved or reduced destination node by artificial mode, thus lures other node and destination node to conclude the business, or all stops other node and destination node to be concluded the business.
Two class malicious nodes may be there are between network node in process of exchange, they or the trust value of exaggerating certain aspects of is provided, or provide the unilateral trust value reduced, be called positive noise and negative noise.For the various malicious acts existed in network, when designing noise regulatory factor, following requirement should be met:
1. noise regulatory factor θ designing requirement:
● for the positive noise higher than mean value, promptly to be adjusted near mean value
● for sub-average negative noise, promptly to be regulated near mean value
2. a concrete noise regulatory factor θ
θ = TR a v g - T i , j TR a v g + T i , j - - - ( c )
Determined for above-mentioned noise regulatory factor trust model NATM is carried out emulation experiment, obtains result as shown in Figure 3.As can be seen from Figure 3, under the effect of the noise control factor, along with the increase of interaction times, the credit value of malicious node reduces rapidly, the resources such as the corresponding reduction of dynamic access control system its bandwidth enjoyed, linking number, until refuse its access, thus malicious act constantly reduces.
Four. based on the dynamic access control key algorithm of prestige
Be illustrated in figure 4 the access control key algorithm based on prestige, wherein, input parameter is resource identification r, user ID p.Algorithm key step is as follows:
(1) initialization, arranges and returns license behavior list for empty;
(2) owner of Gains resources r;
(3) the recommendation trust relation of user p is obtained according to trusting relationship;
(4) for each recommendation trust relation of p, corresponding access control policy is obtained.If success, then obtain the license behavior based on this trusted policy; Otherwise according to the current credit value of user p, obtain default license behavior;
(5) license behavior list to be returned is upgraded;
(6) step (4) and (5) is repeated;
(7) in the direct trusting relationship of trusting relationship concentrated setting main body to p;
(8) for each local trust relation, corresponding access control policy is obtained.If success, then obtain the license behavior based on this trusted policy; Otherwise according to the current credit value of user p, obtain default license behavior:
(9) license behavior list to be returned is upgraded;
(10) step (8) and (9) is repeated;
(11) license behavior list is returned.

Claims (1)

1. based on the dynamic accesses control method of prestige, it is characterized in that, comprise the following steps:
Step (1), sets up the dynamic access control architectural model based on prestige;
This model forms primarily of IDProvider, ResourceProvider and CreditProvider, wherein, IDProvider mainly provides unified mark and authentication service, for grid system provides unified user ID, and provides cross-domain identity authentication service; ResourceProvider realizes the authentication to user by identity authorization system, and is realized the control of authority of user's access system resources by access control system; CreditProvider passes through audit with supervisory control system monitor user ' to the service condition of resource, to the raw information that trust service system provides credit value to calculate; Trust service system calculates/upgrades the credit value of user in real time, result of calculation is fed back on the one hand credit value information when IDProvider logs in as user next time, determines this user whether Internet access related system resource; Simultaneously also by result of calculation immediate feedback to ResourceProvider, controlled the access rights of user in real time according to access control policy by its access control system;
Step (2), based on the dynamic access control workflow of prestige;
Step (2.1), during customer access network resource, first carry out authentication, user submits identify label to authentication server, initiates authentication request;
Step (2.2), when authentication server receives the authentication request of user, first inquires about the credit value of this user to trust server, if credit value is lower than threshold value, disconnect user connects, authentication failure;
Step (2.3), if credit value is higher than threshold value, server requirement user provide authenticate key, then to certificate server inquiring user certificate, carries out authentication procedures;
Step (2.4), when user is by after authentication, is directed into access control server, access control server inquires about trust server again, obtain credit value and the license behavior list of user, in conjunction with the access control storehouse based on prestige, generate access control token;
Step (2.5), user holds access control token, according to the specific resources in license behavior list access system;
Step (2.6), the resource that user can only specify in access permission behavior list, while user's access system resources, monitoring server is responsible for supervisory user behavior and is taken situation, audit information write into Databasce of being correlated with to system resource;
Step (2.7), trust server extracts relevant raw information from audit database, calculates and upgrades user's credit value, and user's credit value of real-time update is fed back to authentication server and access control server in time;
Step (2.8), trust server, according to the current credit value of user, calculates the license behavior list that user is up-to-date, specifically performs following steps:
Step (2.8.1), initialization, arranges and returns license behavior list for empty;
Step (2.8.2), the owner of Gains resources R;
Step (2.8.3), obtains the recommendation trust relation of user U according to trusting relationship;
Step (2.8.4), for each recommendation trust relation of U, obtains corresponding access control policy, if success, then obtains the license behavior based on this trusted policy; Otherwise according to the current credit value of user p, obtain default license behavior;
Step (2.8.5), upgrades license behavior list to be returned;
Step (2.8.6), repeats step (2.8.4) and (2.8.5);
Step (2.8.7), in the direct trusting relationship of trusting relationship concentrated setting main body to U;
Step (2.8.8), for each local trust relation, obtains corresponding access control policy, if success, then obtains the license behavior based on this trusted policy; Otherwise according to the current credit value of user U, obtain default license behavior;
Step (2.8.9), upgrades license behavior list to be returned;
Step (2.8.10), repeats step (2.8.8) and (2.8.9);
Step (2.8.11), returns license behavior list;
Step (2.9), on the one hand, access control server timing pulls up-to-date credit value and the license behavior list of the user of trust server real-time update, on the other hand, the up-to-date credit value of up-to-date user and license behavior list also can be pushed to access control server by trust server in real time, access control server is according to the current credit value of the user of up-to-date acquisition and license behavior list, and the resource access authority of dynamic conditioning user, until the resources use right limit cancelling this user.
CN201510724331.4A 2015-10-23 2015-10-23 Dynamic accesses control method based on prestige Expired - Fee Related CN105282160B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510724331.4A CN105282160B (en) 2015-10-23 2015-10-23 Dynamic accesses control method based on prestige

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510724331.4A CN105282160B (en) 2015-10-23 2015-10-23 Dynamic accesses control method based on prestige

Publications (2)

Publication Number Publication Date
CN105282160A true CN105282160A (en) 2016-01-27
CN105282160B CN105282160B (en) 2018-09-25

Family

ID=55150486

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510724331.4A Expired - Fee Related CN105282160B (en) 2015-10-23 2015-10-23 Dynamic accesses control method based on prestige

Country Status (1)

Country Link
CN (1) CN105282160B (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106961441A (en) * 2017-04-06 2017-07-18 中国民航大学 A kind of user's dynamic accesses control method for Hadoop cloud platform
CN107122655A (en) * 2017-03-29 2017-09-01 西安电子科技大学 A kind of mobile application security based on trust management sets commending system
CN107766743A (en) * 2017-11-09 2018-03-06 广州杰赛科技股份有限公司 Method to set up and device, terminal device, the storage medium of file access authority
CN108111867A (en) * 2016-11-24 2018-06-01 广州华多网络科技有限公司 A kind of direct broadcasting room speech monitoring method and system
CN108540494A (en) * 2018-05-02 2018-09-14 上海同砚信息科技有限公司 Social network user credit worthiness and operating right manage system
CN108848074A (en) * 2018-05-31 2018-11-20 西安电子科技大学 The information service entities cross-domain authentication method of trust value is acted on behalf of based on domain
CN113392385A (en) * 2021-06-28 2021-09-14 中山大学 User trust measurement method and system in cloud environment
CN113572734A (en) * 2021-06-24 2021-10-29 福建师范大学 Cross-domain access control method based on block chain in mobile edge calculation
CN113839945A (en) * 2021-09-23 2021-12-24 北京交通大学 Credible access control system and method based on identity
CN114567489A (en) * 2022-03-02 2022-05-31 临沂大学 Dynamic access control method based on service body
CN115277201A (en) * 2022-07-27 2022-11-01 国网河南省电力公司信息通信公司 Website defense system for dynamic code packaging

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101729321A (en) * 2009-12-22 2010-06-09 北京理工大学 Dynamic cross-domain access control method based on trust valuation mechanism
CN103338194A (en) * 2013-03-06 2013-10-02 中国电力科学研究院 Credibility based cross- security domain access control system and method

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101729321A (en) * 2009-12-22 2010-06-09 北京理工大学 Dynamic cross-domain access control method based on trust valuation mechanism
CN103338194A (en) * 2013-03-06 2013-10-02 中国电力科学研究院 Credibility based cross- security domain access control system and method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
陈颖、杨寿保等: ""网格环境下的一种动态跨域访问控制策略"", 《计算机研究与发展》 *

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108111867A (en) * 2016-11-24 2018-06-01 广州华多网络科技有限公司 A kind of direct broadcasting room speech monitoring method and system
CN107122655A (en) * 2017-03-29 2017-09-01 西安电子科技大学 A kind of mobile application security based on trust management sets commending system
CN107122655B (en) * 2017-03-29 2020-01-03 西安电子科技大学 Trust management based mobile application security setting recommendation system
CN106961441B (en) * 2017-04-06 2020-05-22 中国民航大学 User dynamic access control method for Hadoop cloud platform
CN106961441A (en) * 2017-04-06 2017-07-18 中国民航大学 A kind of user's dynamic accesses control method for Hadoop cloud platform
CN107766743A (en) * 2017-11-09 2018-03-06 广州杰赛科技股份有限公司 Method to set up and device, terminal device, the storage medium of file access authority
CN108540494A (en) * 2018-05-02 2018-09-14 上海同砚信息科技有限公司 Social network user credit worthiness and operating right manage system
CN108848074A (en) * 2018-05-31 2018-11-20 西安电子科技大学 The information service entities cross-domain authentication method of trust value is acted on behalf of based on domain
CN113572734A (en) * 2021-06-24 2021-10-29 福建师范大学 Cross-domain access control method based on block chain in mobile edge calculation
CN113392385A (en) * 2021-06-28 2021-09-14 中山大学 User trust measurement method and system in cloud environment
CN113839945A (en) * 2021-09-23 2021-12-24 北京交通大学 Credible access control system and method based on identity
CN113839945B (en) * 2021-09-23 2023-05-19 北京交通大学 Trusted access control system and method based on identity
CN114567489A (en) * 2022-03-02 2022-05-31 临沂大学 Dynamic access control method based on service body
CN114567489B (en) * 2022-03-02 2023-09-15 临沂大学 Dynamic access control method based on service body
CN115277201A (en) * 2022-07-27 2022-11-01 国网河南省电力公司信息通信公司 Website defense system for dynamic code packaging
CN115277201B (en) * 2022-07-27 2023-09-26 国网河南省电力公司信息通信公司 Website defense system of dynamic code encapsulation

Also Published As

Publication number Publication date
CN105282160B (en) 2018-09-25

Similar Documents

Publication Publication Date Title
CN105282160A (en) Credibility-based dynamic access control method
Si et al. IoT information sharing security mechanism based on blockchain technology
Wang et al. SPDS: A secure and auditable private data sharing scheme for smart grid based on blockchain
Li et al. Rational protocols and attacks in blockchain system
CN107528856A (en) Internet of Things mist end equipment based on block chain platform access authentication method beyond the clouds
CN104301301B (en) A kind of Data Migration encryption method based between cloud storage system
CN104993926B (en) Hierarchical key management System and method for based on cloud computing in intelligent grid
US20210266337A1 (en) Blockchain-based method and system for handling domain name abuse
CN103338194A (en) Credibility based cross- security domain access control system and method
Zeng et al. A scheme of intelligent traffic light system based on distributed security architecture of blockchain technology
Li et al. Retracted: Design of multimedia blockchain privacy protection system based on distributed trusted communication
Guo et al. When network operation meets blockchain: An artificial-intelligence-driven customization service for trusted virtual resources of IoT
Wang et al. Blockchain-based dynamic energy management mode for distributed energy system with high penetration of renewable energy
Li et al. Federated hierarchical trust-based interaction scheme for cross-domain industrial IoT
CN107426134A (en) A kind of access control method based on relation
CN107302524A (en) A kind of ciphertext data-sharing systems under cloud computing environment
Nguyen et al. Fedchain: Secure proof-of-stake-based framework for federated-blockchain systems
Li et al. Cyber insurance design for validator rotation in sharded blockchain networks: A hierarchical game-based approach
Yan et al. Blockchain‐based framework of power demand response in China
Jain et al. Blockchain based smart contract for cooperative spectrum sensing in cognitive radio networks for sustainable beyond 5G wireless communication
Zekiye et al. Blockchain-based federated learning for decentralized energy management systems
CN114154193A (en) Cross-domain access control method based on block chain
Shi et al. Continuous trust evaluation of power equipment and users based on risk measurement
CN106506500A (en) A kind of method of the cloud computing unified identity authentication based on SAML and XACML
Zhu et al. HCSC: A Hierarchical Certificate Service Chain Based on Reputation for VANETs

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20180925

Termination date: 20191023

CF01 Termination of patent right due to non-payment of annual fee