CN105871854A - Self-adaptive cloud access control method based on dynamic authorization mechanism - Google Patents

Self-adaptive cloud access control method based on dynamic authorization mechanism

Info

Publication number
CN105871854A
Authority
CN
China
Prior art keywords
user
cloud
service
credit worthiness
cloud service
Prior art date
Legal status
Granted
Application number
CN201610221444.7A
Other languages
Chinese (zh)
Other versions
CN105871854B (en)
Inventor
陆佳炜
吴斐斐
徐俊
肖刚
高飞
李�杰
Current Assignee
Zhejiang Planer Technology Co Ltd
Original Assignee
Zhejiang University of Technology ZJUT
Priority date
Filing date
Publication date
Application filed by Zhejiang University of Technology ZJUT
Priority to CN201610221444.7A
Publication of CN105871854A
Application granted
Publication of CN105871854B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815 Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L63/0892 Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network


Abstract

The invention relates to a self-adaptive cloud service access control method based on a dynamic authorization mechanism. First, reputation modelling of user behaviour is carried out, and the access permissions of cloud users are described hierarchically using an inheritance model. The cloud certification center builds the mapping of the model from the users' history reputation and role trees, issues different cloud user identity tokens, and recommends to users the cloud services they are permitted to access. By monitoring changes in user behaviour in real time, the cloud certification center dynamically adjusts the users' comprehensive reputation and so judges their credibility; if a user is credible, the center issues a cloud service access token, with which the cloud user obtains the service; otherwise access is refused. The method has relatively high security and reliability.

Description

Self-adaptive cloud access control method based on dynamic authorization mechanism
Technical field
The present invention relates to the field of cloud services and access control, and specifically to a security mechanism in a cloud environment for judging whether a given user has the authority to perform a specific operation on a given cloud service.
Background technology
Cloud computing is a novel computing paradigm that emerged after distributed computing, grid computing and P2P computing. It distributes computing tasks over a resource pool made up of a large number of computers, so that application systems can obtain computing power, storage space and information services on demand; its characteristics include on-demand service, rapid elasticity, virtualized resource pools and measurable service.
With the rapid development of cloud computing, cloud services are becoming ever richer. By accessibility, cloud services can be divided into public clouds and private clouds. The flexibility of a public cloud lets it provide services meeting QoS requirements to all users, but a public cloud cannot apply security protection and access control to its resources. A private cloud has the property of controllable security, but it cannot operate independently of other resources. For cloud computing technology to operate successfully, the challenges are how to counter the threat of leakage of users' private data and how to establish a reliable trust relationship between cloud service providers and users, so as to implement flexible cloud access control.
However, most traditional access control schemes use mandatory access control and map cloud service functions one-to-one to users. Because users' responsibilities change regularly, the authorization relationship between users and services is hard to establish and maintain, and a user or cloud service that was trusted may become untrusted, creating security risks. When a user's behaviour changes, such schemes cannot adaptively select the corresponding service according to the user's request. Addressing these problems, the present invention proposes a self-adaptive cloud service access control method based on a dynamic authorization mechanism. In a cloud computing environment, users' access rights are managed hierarchically using the idea of inheritance, which simplifies the mapping between user roles and access rights; reputation modelling is performed on user behaviour to achieve dynamic trusted authorization of services, guaranteeing the reliability of user access and the security of sensitive data.
Cloud access control refers to a security mechanism that judges whether a given user or program has the authority to perform a specific operation on a given cloud service. At present, service access control strategies in open cloud environments are being studied in depth in academia; existing cloud access control mainly comprises service allocation strategies based on user attributes, on user behaviour and on reputation. Document 1 (Wu Bin, Feng Dengguo. Attribute-based authorization delegation model in a multi-domain environment [J]. Journal of Software, 2011, 22(7): 1661-1675) proposes an attribute-based authorization delegation model in which the attribute set stands for the entity itself in authorization, ensuring that entities with the same attribute credential chain have consistent authority. Document 2 (Zhou Jingcai, Zhang Huyin, Zha Wenliang et al. Resource allocation strategy based on user behaviour characteristics in a cloud computing environment [J]. Journal of Computer Research and Development, 2014, 5(5): 1108-1119) proposes, for a cloud environment, a resource allocation strategy based on user behaviour characteristics; the idea is to count users' behavioural habits and build a user behaviour characteristic information table, so as to dynamically adjust the cloud computing resource allocation strategy. Document 3 (Yang Shaoyu, Wang Shiqing, Guo Xiaofeng. A cloud service resource trust verification method based on a trust negotiation mechanism [J]. Computer Science, 2013, 40(7): 107-112) proposes a cloud service resource trust verification method that, combined with a trust negotiation mechanism, establishes trust relationships between resources by way of attribute-based trust negotiation.
In the academic research to date, a cloud service must negotiate its trust relationship with the user at the cloud access center in advance; when the credibility of the cloud service changes, the user cannot detect it in time and adjust dynamically, so there is a certain lag. Furthermore, the cloud access center cannot dynamically monitor changes in user behaviour and adaptively adjust the user's access rights.
Summary of the invention
To overcome the problems of traditional access control methods, such as tight coupling, static nature and the inability to adaptively select application services according to user behaviour, the present invention provides a self-adaptive cloud service access control method based on a dynamic authorization mechanism that has higher security and reliability.
The technical solution adopted by the present invention to solve the technical problem is:
A self-adaptive cloud service access control method based on a dynamic authorization mechanism, the cloud access control method comprising the following steps:
1) Before a cloud service can be accessed, the manager Mana must configure the cloud service CS_x at the cloud certification center CCC: add the access address add_x of the cloud service, the reputation threshold permitting access, and the services ser = {Login, ...} provided for user authentication;
2) The service registry adds a trusted authentication module TAM to each registered cloud service; the TAM intercepts the cloud user's service access requests and decides whether to allow the cloud user's access by verifying the cloud user's authentication information and the validity of the cloud service access token CSAT_u;
3) The cloud user CU sends a platform authentication request to the CCC: user name N_u, login password C_u, verification code Id_u and user identity I_u;
4) The cloud certification center CCC encrypts the login password, E_kkk{C_u}, and requests the user information storage server DMM to verify the user information.
5) The DMM server returns a user information verification report and the user's reputation R_x; if verification passes, a cloud user identity token CCCAT_u is generated, otherwise the user is prompted with a platform authentication error;
6) After authentication passes, the CCC distributes the generated CCCAT_u to the CU and saves it in a cookie of the user's browser; the user keeps the logged-in state for as long as CCCAT_u is valid;
7) If cloud user CU accesses CS_x, the CCC generates CSAT_x and distributes it to CU.
8) The cloud user accesses the service with the token; the TAM in CS_x verifies the validity of CSAT_x. If verification fails, the cloud user's access is refused; otherwise the service resource cloudSer is provided.
9) The cloud service CS_x assesses the user's behaviour, feeds the assessment result R_user back to the cloud certification center, and stores it in the trust repository.
Further, in the cloud access control method the cloud user identity token CCCAT_u and the cloud service access token CSAT_x are designed as follows:
Each cloud user must have its identity verified before accessing the cloud certification center, and only after passing verification can it obtain services. In the initialization phase, the cloud certification center obtains the user's current history reputation from the reputation model RM, uses the user role tree building model MURBT to assign the cloud service access permission set P_user according to the hierarchy level the user currently occupies, and generates a unique cloud user identity token CCCAT_u from P_user. This token is determined by the cloud user's identity ID_u, the identity validity start time T_s, the identity validity period T_v and the user host identifier Host_x, and identifies each user accessing the cloud certification center, as shown in formula (1):
CCCAT_u = {ID_u, T_s, T_v, Host_x, P_user} (1)
After the user information is initialized, within the validity period of CCCAT_u the cloud certification center parses the cloud user identity token and recommends the cloud services this cloud user is allowed to access; the user can then authenticate freely to a service. The cloud service authentication interface is called and, if user authentication succeeds, a cloud service access token CSAT_x is generated. This token is determined by the CCCAT_u identifying the user's unique identity and by the user's user name N_x and password C_x in cloud service CS_x, as shown in formulas (2) to (3):
CSAT_x = {CCCAT_u, CS_x, N_x, C_x} (3)
At the same time, the authenticated cloud service information is encrypted and stored in the user directory information database, as shown in formula (4):
CCC → DMM: ID_u, CS_x, E_kkk{C_x}, N_x (4)
As shown in formulas (5) to (6):
CU → DMM: false || (true ∪ N_x ∪ C_x) (5)
CSAT_x = {CCCAT_u, CS_x, N_x, C_x, R_user} (6)
If the cloud user's authentication information for the cloud service is already stored in the directory information database, the cloud certification center first obtains the cloud user's current comprehensive reputation R_user through RM and judges the cloud user's accessibility to the service according to MURBT; if the user's comprehensive reputation exceeds the cloud service's access threshold, it reads the relevant information from the user directory information database DMM and generates the cloud service access token CSAT_x without requiring the user to enter authentication information again; otherwise the cloud user's access is refused.
Further, the user reputation model RM quantitatively evaluates and calculates the cloud user's reputation, and the user role tree building model MURBT describes the user's authority hierarchically, finally achieving dynamic authorization of cloud services.
Further, the user reputation model comprises four parts: direct reputation, recommendation reputation, comprehensive reputation and history reputation. Direct reputation is the trust rating that the cloud certification center assigns to a cloud user based on the historical experience of direct interaction between the cloud user and the cloud service and on its monitoring of the user's current behaviour changes; recommendation reputation is the evaluation of the same user's access history by other cloud services; comprehensive reputation is a comprehensive quantitative evaluation based on direct reputation and recommendation reputation; history reputation is a weighted sum of the cloud user's historical comprehensive reputations and represents the cloud user's historical reputation.
Entities in the reputation model are divided into four classes by role: the target entity CU, the entity whose reputation is obtained; the source service CS_o, the service that wants to obtain another entity's reputation; the recommendation service CS_r, a service that feeds back trust information about the target entity to the source service; and the behaviour monitor BM, the entity that monitors changes in the user's behaviour in real time.
Direct reputation is calculated from the direct interaction of the target entity with the source service and the behaviour monitor; the main influencing factors are the number of service requests, the time interval between service requests, and the history reputation of the service requests.
Let the satisfaction of source service CS_o with target entity CU at time t be S^t_{cs_o:cu}, and the satisfaction of behaviour monitor BM with CU be S^t_{bm:cu}. To reflect the most recent reputation as far as possible and avoid interference from distant reputation, a time decay factor λ is introduced: the closer a reputation is to the current time, the larger its weight and the more trustworthy it is. Let t be the time of an interaction between CU and CS_o within the time decay window win = [t_start, t_end] and t_current the current time; the direct reputation is then expressed as:
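The token flow of steps 1) to 9) and formulas (1) and (6) above, as an added example that is not code from the patent: the CCC issues CCCAT_u, issues CSAT_x only when the comprehensive reputation exceeds the service's threshold and the service is in P_user, and the TAM of step 8 checks validity. It assumes an HMAC over the token body under a key shared by CCC and TAM (the patent does not specify how tokens are made tamper-evident), an opaque credential reference in place of the password C_x, and Unix-second times.

```python
import hmac
import hashlib
import json

# Added example, not code from the patent. Models CCCAT_u (formula 1), CSAT_x (formula 6)
# and the TAM validity check of step 8. Assumptions: tokens are made tamper-evident with an
# HMAC-SHA256 over their JSON body under a key shared by CCC and TAM (constructed); the C_x
# slot carries an opaque credential reference rather than the password; times are Unix seconds.

CCC_KEY = b"constructed-demo-key"   # shared CCC/TAM key, constructed for the example

def _sign(body: dict) -> str:
    data = json.dumps(body, sort_keys=True).encode()
    return hmac.new(CCC_KEY, data, hashlib.sha256).hexdigest()

def _verify(body: dict, tag: str) -> bool:
    return hmac.compare_digest(_sign(body), tag)

def _within_validity(cccat_body: dict, now: int) -> bool:
    """T_s <= now < T_s + T_v, the identity validity window of formula (1)."""
    return cccat_body["T_s"] <= now < cccat_body["T_s"] + cccat_body["T_v"]

class CloudCertificationCenter:
    """CCC: issues CCCAT_u after platform authentication and CSAT_x after the reputation gate."""

    def __init__(self, service_thresholds: dict):
        self.thresholds = service_thresholds      # CS_x -> reputation threshold (step 1)

    def issue_cccat(self, id_u, host_x, p_user, t_s, t_v):
        body = {"ID_u": id_u, "T_s": t_s, "T_v": t_v, "Host_x": host_x, "P_user": sorted(p_user)}
        return {"body": body, "tag": _sign(body)}

    def issue_csat(self, cccat, cs_x, n_x, cred_ref, r_user, now):
        """Returns a CSAT_x, or None when access is refused."""
        b = cccat["body"]
        if not _verify(b, cccat["tag"]) or not _within_validity(b, now):
            return None                         # identity token forged, altered or expired
        if cs_x not in b["P_user"]:
            return None                         # MURBT: service not in the user's permission set
        if r_user <= self.thresholds.get(cs_x, 1.0):
            return None                         # comprehensive reputation not above threshold
        body = {"CCCAT_u": b, "CS_x": cs_x, "N_x": n_x, "C_x": cred_ref, "R_user": r_user}
        return {"body": body, "tag": _sign(body)}

class TrustedAuthenticationModule:
    """TAM of one cloud service CS_x: the step 8 validity check on an incoming CSAT_x."""

    def __init__(self, cs_x):
        self.cs_x = cs_x

    def admit(self, csat, host_x, now) -> bool:
        if csat is None or not _verify(csat["body"], csat["tag"]):
            return False
        b = csat["body"]
        inner = b["CCCAT_u"]
        if b["CS_x"] != self.cs_x or inner["Host_x"] != host_x:
            return False                        # token for another service or another host
        return _within_validity(inner, now)     # CSAT_x is bound to CCCAT_u's validity

def demo():
    """Constructed walk-through: one user above the threshold for CS_a, below it for CS_b."""
    ccc = CloudCertificationCenter({"CS_a": 0.6, "CS_b": 0.9})
    tam_a = TrustedAuthenticationModule("CS_a")
    now = 1_700_000_000
    cccat = ccc.issue_cccat("user-42", "host-1", {"CS_a", "CS_b"}, t_s=now, t_v=3600)
    csat_a = ccc.issue_csat(cccat, "CS_a", "alice", "cred-ref-1", r_user=0.78, now=now)
    csat_b = ccc.issue_csat(cccat, "CS_b", "alice", "cred-ref-1", r_user=0.78, now=now)
    return {
        "a_admitted": tam_a.admit(csat_a, "host-1", now),
        "a_other_host": tam_a.admit(csat_a, "host-2", now),
        "a_expired": tam_a.admit(csat_a, "host-1", now + 3600),
        "b_refused": csat_b is None,
    }

if __name__ == "__main__":
    print(demo())
```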
$$R^{d,t}_{cs_o:cu} = \frac{\sum_{t \le t_{current}} \lambda^{t_{current}-t} \cdot S^{t}_{cs_o:cu}}{\sum_{t \le t_{current}} \lambda^{t_{current}-t}} + S^{t}_{bm:cu} \qquad (7)$$
Recommendation reputation is calculated from other recommendation services CS_r's historical trust evaluations of the same target entity CU; the influencing factors are the credibility of the recommendation service itself and the credibility of the recommendation service's historical interaction with the target entity.
The evaluator is CS_o, the evaluated object is CU, and CS_r is a recommender of CS_o, where R^{c,t}_{cs_o:cs_r} is the recommendation trust between CS_o and CS_r at time t and R^{d,t}_{cs_r:cu} is the direct trust between CS_r and CU at time t. The recommendation reputation is then expressed as:
$$R^{c,t}_{cs_o:cu} = R^{c,t}_{cs_o:cs_r} \cdot R^{d,t}_{cs_r:cu} \qquad (8)$$
For the same evaluated object there may be several recommenders. Let CS_{r_i} (i = 1, ..., n) be the set of recommenders of CS_o; then the merged recommendation reputation of evaluator CS_o for evaluated object CU is:
$$\overline{R}^{\,c,t}_{cs_o:cu} = \frac{\sum_{i}^{n} \left( R^{c,t}_{cs_o:cs_{r_i}} \cdot R^{d,t}_{cs_{r_i}:cu} \right)}{\sum_{i}^{n} R^{d,t}_{cs_{r_i}:cu}} \qquad (9)$$
The comprehensive reputation R^{m,t}_{cs_o:cu} depends on the direct reputation and the recommendation reputation; information entropy is used to revise automatically the weights α1, α2 of the direct reputation and the recommendation reputation. The smaller the information entropy, the lower the uncertainty. The information entropy is calculated as follows:
For the direct reputation R^{d,t}_{cs_o:cu} and the recommendation reputation \overline{R}^{c,t}_{cs_o:cu}, calculate their entropies H(α1) and H(α2) respectively:
$$H(\alpha_1) = -R^{d,t}_{cs_o:cu} \cdot \log R^{d,t}_{cs_o:cu} - \left(1 - R^{d,t}_{cs_o:cu}\right) \cdot \log\left(1 - R^{d,t}_{cs_o:cu}\right) \qquad (12)$$
$$H(\alpha_2) = -\overline{R}^{\,c,t}_{cs_o:cu} \cdot \log \overline{R}^{\,c,t}_{cs_o:cu} - \left(1 - \overline{R}^{\,c,t}_{cs_o:cu}\right) \cdot \log\left(1 - \overline{R}^{\,c,t}_{cs_o:cu}\right) \qquad (12)$$
According to formula (13), the corresponding α_i is then easily obtained:
$$\alpha_i = \frac{1 - H(\alpha_i)}{\sum_{i}^{n} \left(1 - H(\alpha_i)\right)} \qquad (13)$$
The comprehensive reputation is then expressed as:
$$R^{m,t}_{cs_o:cu} = \alpha_1 R^{d,t}_{cs_o:cu} + \alpha_2 \overline{R}^{\,c,t}_{cs_o:cu} \qquad (14)$$
The history reputation R^{h,t}_{cu} depends on the comprehensive reputations of all previous interactions between the cloud user and cloud services; introducing the time decay factor λ, the history trust is expressed as:
$$R^{h,t}_{cu} = \frac{\sum_{t \le t_{current}} \lambda^{t_{current}-t} \cdot R^{m,t}_{cs_i:cu}}{\sum_{t \le t_{current}} \lambda^{t_{current}-t}} \qquad (15)$$
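The reputation model above, formulas (7), (9) and (12) to (15), as an added example that is not code from the patent. It assumes the behaviour-monitor term in (7) is added after the decayed mean and the result is clamped to [0, 1], that the entropy in (12) uses base-2 logarithms, and that the interaction data are constructed.

```python
import math

# Added example, not code from the patent. Implements formulas (7), (9), (12)-(15) of the
# reputation model RM on constructed sample data. Assumptions: the behaviour-monitor term
# S^t_{bm:cu} is added after the decayed mean in (7) and the result is clamped to [0, 1]
# (so the entropy in (12) stays defined); entropy uses log base 2.

def decayed_mean(samples, t_current, lam):
    """Weighted mean with weight lam**(t_current - t); samples after t_current are ignored.
    This is the shared shape of formulas (7) and (15)."""
    past = [(t, v) for t, v in samples if t <= t_current]
    if not past:
        return 0.0
    num = sum(lam ** (t_current - t) * v for t, v in past)
    den = sum(lam ** (t_current - t) for t, _ in past)
    return num / den

def direct_reputation(source_satisfaction, monitor_satisfaction, t_current, lam):
    """Formula (7): R^{d,t}_{cs_o:cu}. source_satisfaction is a list of (t, S^t_{cs_o:cu});
    monitor_satisfaction is the behaviour monitor's current term S^t_{bm:cu}."""
    r = decayed_mean(source_satisfaction, t_current, lam) + monitor_satisfaction
    return min(1.0, max(0.0, r))  # clamp (assumption, see above)

def merged_recommendation(recommenders):
    """Formula (9): recommenders is a list of (R^{c,t}_{cs_o:cs_ri}, R^{d,t}_{cs_ri:cu})."""
    den = sum(rd for _, rd in recommenders)
    if den == 0:
        return 0.0
    return sum(rc * rd for rc, rd in recommenders) / den

def binary_entropy(p):
    """Formula (12): H = -p log p - (1-p) log(1-p), base 2, with H(0) = H(1) = 0."""
    if p <= 0.0 or p >= 1.0:
        return 0.0
    return -p * math.log2(p) - (1 - p) * math.log2(1 - p)

def entropy_weights(values):
    """Formula (13): alpha_i = (1 - H_i) / sum_j (1 - H_j); lower entropy gets more weight."""
    certainty = [1.0 - binary_entropy(v) for v in values]
    total = sum(certainty)
    if total == 0:
        return [1.0 / len(values)] * len(values)
    return [c / total for c in certainty]

def comprehensive_reputation(r_direct, r_recommend):
    """Formula (14): alpha_1 * R^{d,t} + alpha_2 * R-bar^{c,t} with entropy-derived weights."""
    a1, a2 = entropy_weights([r_direct, r_recommend])
    return a1 * r_direct + a2 * r_recommend

def history_reputation(comprehensive_by_time, t_current, lam):
    """Formula (15): decayed mean of past comprehensive reputations R^{m,t}."""
    return decayed_mean(comprehensive_by_time, t_current, lam)

# Constructed sample interaction data (not from the patent).
LAM = 0.5
T_NOW = 2
SOURCE_SAT = [(1, 0.4), (2, 0.8)]          # (t, S^t_{cs_o:cu})
MONITOR_SAT = 0.1                          # S^t_{bm:cu}
RECOMMENDERS = [(0.9, 0.8), (0.6, 0.4)]    # (R^c_{cs_o:cs_ri}, R^d_{cs_ri:cu})

def evaluate_sample():
    """Runs the chain (7) -> (9) -> (14) on the constructed data."""
    r_d = direct_reputation(SOURCE_SAT, MONITOR_SAT, T_NOW, LAM)
    r_c = merged_recommendation(RECOMMENDERS)
    r_m = comprehensive_reputation(r_d, r_c)
    return r_d, r_c, r_m

if __name__ == "__main__":
    r_d, r_c, r_m = evaluate_sample()
    print(f"direct={r_d:.4f} recommendation={r_c:.4f} comprehensive={r_m:.4f}")
```

Because the recommendation value 0.8 has lower entropy than the direct value of about 0.767, formula (13) gives it the larger weight, which is the behaviour an operator should expect when tuning thresholds.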
In the user role tree building process, the user rights of each organizational unit org are described hierarchically by way of inheritance: the root node holds the public permissions, and each descendant node of an organizational unit, in addition to inheriting all permissions of its predecessor node, has its own specific permissions. The elements of the user role tree are defined as follows: U is the user set; P is the permission set, which according to its permission features can be divided into P = <P_RoleTeam1, ..., P_RoleTeamn>; P_former is the set of permissions held by the predecessor node; P_current is the set of permissions held by the current node; P_user is the permission set held by the user, P_user = P_RoleTeam1' ∪ P_RoleTeam2' ∪ ... ∪ P_RoleTeamn'; RT is the permission allocation table.
In the cloud user identity authentication phase, the user role tree building model grants the cloud user the corresponding cloud service access permission set P_user on the basis of the cloud user's history reputation; according to formula (1), the cloud certification center grants the cloud user identity token CCCAT_u from the cloud user's login information and permission set, and by parsing CCCAT_u recommends the cloud services the user is allowed to access. In the cloud service access phase, according to formulas (2) to (6), the user role tree building model compares the cloud user's comprehensive reputation with the source service's access threshold; if the user's comprehensive reputation is higher than the access threshold of the source service, the cloud certification center grants the user the cloud service access token CSAT_u.
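The role tree with inherited permissions and the derivation of P_user from the allocation table RT, as an added example that is not code from the patent. The organizational units, permission names and the contents of RT are constructed; revoking a permission at a predecessor node and seeing it disappear from every descendant is the maintenance property the text claims for inheritance.

```python
# Added example, not code from the patent. Each node's permissions are P_former (inherited
# from its predecessor, up to the root's public permissions) plus its own; P_user is the
# union of the permission sets of the RoleTeam nodes that the allocation table RT assigns
# to the user. Tree shape, permission names and RT are constructed.

class RoleNode:
    def __init__(self, name, own_permissions, parent=None):
        self.name = name
        self.own = frozenset(own_permissions)   # permissions specific to this node
        self.parent = parent
        self.children = []
        if parent is not None:
            parent.children.append(self)

    def permissions(self):
        """P_current = P_former ∪ own, where P_former is computed recursively from the predecessor."""
        p_former = self.parent.permissions() if self.parent else frozenset()
        return p_former | self.own

    def revoke(self, permission):
        """Remove a permission at this node; descendants lose it through inheritance."""
        self.own = self.own - {permission}

def build_tree():
    """Constructed organizational units: root holds public permissions, children add their own."""
    root = RoleNode("org", {"CS_public"})
    finance = RoleNode("finance", {"CS_ledger"}, root)
    audit = RoleNode("finance/audit", {"CS_audit_log"}, finance)
    dev = RoleNode("dev", {"CS_build"}, root)
    return {n.name: n for n in (root, finance, audit, dev)}

def p_user(role_tree, rt, user):
    """P_user = P_RoleTeam1' ∪ ... ∪ P_RoleTeamn' over the role teams RT assigns to user.
    A user absent from RT (or with no teams) gets the empty set, not the public permissions."""
    result = frozenset()
    for team in rt.get(user, []):
        result |= role_tree[team].permissions()
    return result

def can_access(role_tree, rt, user, cs_x):
    """The MURBT accessibility check used before a CSAT_x is issued: is CS_x in P_user?"""
    return cs_x in p_user(role_tree, rt, user)

if __name__ == "__main__":
    tree = build_tree()
    rt = {"bob": ["finance/audit", "dev"]}   # constructed allocation table RT
    print(sorted(p_user(tree, rt, "bob")))
    tree["finance"].revoke("CS_ledger")
    print(can_access(tree, rt, "bob", "CS_ledger"))
```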
The technical concept of the present invention is as follows: a self-adaptive cloud service access control method based on a dynamic authorization mechanism is proposed. First, reputation modelling is performed on user behaviour, and cloud users' access rights are described hierarchically using the idea of inheritance; the cloud certification center grants different cloud user identity tokens according to the mapping between the user's history reputation and the user role tree building model, and recommends to the user the cloud services it is allowed to access. By monitoring user behaviour changes in real time, the cloud certification center dynamically adjusts the user's comprehensive reputation and judges the user's credibility; if the user is credible, a cloud service access token is granted and the cloud user obtains the service with it, otherwise access is denied. In this way a high-reputation cloud service access environment is established and the security of sensitive data is guaranteed.
The reputation model performs reputation modelling on the direct reputation between cloud user and source service, the recommendation reputation of recommendation services for the user, and the cloud user's history reputation, providing a more accurate basis for dynamic user authorization. The user role tree building model describes and manages cloud users' access rights hierarchically using the idea of inheritance; by associating the cloud user's history reputation with the access rights of cloud services through a mapping, it grants different service access permission sets to cloud users, finally achieving dynamic authorization of cloud services.
A cloud access control trust framework based on a dynamic authorization mechanism is proposed: a Trusted Authentication Module (TAM) is introduced for each cloud service and a feasible trust calculation is given, in order to guarantee the reliability of user access and solve key problems such as the inability to dynamically and adaptively authorize users.
The framework comprises four interacting entities: the cloud user (Cloud User, CU), the cloud service (Cloud Service, CS), the cloud certification center (Cloud Certification Center, CCC) and the data management module (Data Management Module, DMM); three phases: the cloud information initialization phase, the cloud user identity authentication phase and the cloud service access phase; and two models: the reputation model (Reputation Model, RM) and the user role tree building model (The Model of User Role Building Tree, MURBT).
The responsibilities of the main functional component CCC are divided into four parts: user role management, user authorization management, cloud service management, and the reputation repository for managing reputations. The DMM uses a directory-type database and a markup language to facilitate reading and modifying user information.
The life cycle of cloud access control can be divided into three phases. The first is the cloud information initialization phase, including user role management, cloud service configuration and the introduction of the trusted authentication module TAM. The second is the cloud user identity authentication phase: according to the user's behaviour and history trust, permission mapping is performed with the user role tree building model, the cloud user identity token (CCC Access Token, CCCAT_u) is distributed, and the cloud services allowed to be accessed are recommended to the cloud user. The third is the cloud service access phase: the cloud certification center obtains the cloud user's current comprehensive reputation by monitoring changes in user behaviour in real time; if the cloud user's comprehensive reputation reaches the access threshold of the cloud service, the user is granted a cloud service access token (CS Access Token, CSAT_u), and the cloud user accesses the cloud service with its unique CSAT_u. After the access ends, the cloud service performs a trust evaluation of the user's behaviour, and the reputation is stored in the trust repository of the cloud certification center.
RM performs reputation modelling on the direct reputation between cloud user and source service, the recommendation reputation of recommendation services for the user, and the cloud user's history reputation, providing a more accurate basis for dynamic user authorization. MURBT describes and manages cloud users' access rights hierarchically using the idea of inheritance: in the cloud user identity authentication phase it associates the cloud user's history reputation with the access rights of cloud services by mapping and grants different service access permission sets to cloud users; in the cloud service access phase it judges the cloud user's accessibility to a service by comparing the user's comprehensive reputation with the access threshold of the cloud service.
Definition 1 (cloud service CS_x): an entity that completes a service request by means of a single service or a composite service.
Definition 2 (cloud user CU): an individual who uses a cloud service is called a cloud user.
Definition 3 (cloud user identity token CCCAT_u): the user credential for accessing the cloud certification center is called the cloud user identity token.
Definition 4 (cloud service access token CSAT_u): the user identity credential for accessing a cloud service is called the cloud service access token.
The beneficial effects of the present invention are mainly: cloud access control is studied, and in a cloud computing environment users' access rights are managed hierarchically using the idea of inheritance, which simplifies the mapping between user roles and access rights; reputation modelling is performed on user behaviour to achieve dynamic trusted authorization of services, guaranteeing the reliability of user access and the security of sensitive data.
Brief description of the drawings
Fig. 1 is a schematic diagram of the self-adaptive cloud service access control framework.
Fig. 2 is a schematic diagram of direct trust.
Fig. 3 is a schematic diagram of recommendation trust.
Fig. 4 is a schematic diagram of the user role tree building model.
Detailed description of the invention
The invention is further described below with reference to the accompanying drawings.
With reference to Fig. 1 to Fig. 4, the self-adaptive cloud service access control method based on a dynamic authorization mechanism comprises the steps 1) to 9) set out in the Summary of the invention above.
As shown in Fig. 1, a cloud access control trust framework based on a dynamic authorization mechanism is first proposed: a Trusted Authentication Module (TAM) is introduced for each cloud service and a feasible trust calculation is given, in order to guarantee the reliability of user access and solve key problems such as the inability to dynamically and adaptively authorize users. The framework, its four entities, three phases and two models are as described in the Summary of the invention above.
Definition 1 (cloud service CS_x): an entity that fulfils service requests, either as a single service or as a composite service.
Definition 2 (cloud user CU): an individual that uses cloud services is called a cloud user.
Definition 3 (cloud user identity token CCCAT_u): the credential with which a user accesses the cloud certification center is called the cloud user identity token.
Definition 4 (cloud service access token CSAT_u): the user identity credential with which a user accesses a cloud service is called the cloud service access token.
With reference to Figures 2 to 4, the adaptive cloud access control framework based on a dynamic authorization mechanism and the cloud access control method comprise the following steps:
1) Before a cloud service can be accessed, the administrator Mana must configure the cloud service CS_x at the cloud certification center CCC, adding the service's access address add_x, the reputation threshold permitted for access, and the services ser{Login...} such as user authentication;
2) The service registration center adds a trusted authentication module TAM to each registered cloud service. Its role is to intercept the cloud user's service access requests and to decide whether the cloud user may access by verifying the cloud user's authentication information and the validity of the cloud service access token CSAT_u;
3) CU → CCC: N_u, C_u, Id_u, I_u
Cloud user CU sends a platform authentication request to CCC: user name N_u, login password C_u, verification code Id_u, user identity I_u;
4) CCC → DMM: N_u, E_kkk{C_u}, Id_u, I_u
The cloud certification center CCC encrypts the login password as E_kkk{C_u} and requests the user information storage server DMM to verify the user information.
5) DMM → CCC: false || (true ∪ R_x)
The DMM server returns the user-information verification result and the user's reputation value R_x. If verification succeeds, the cloud user identity token CCCAT_u is generated; otherwise the user is shown a platform authentication error;
6) CCC → CU: CCCAT_u
After authentication succeeds, CCC issues the generated CCCAT_u to CU and it is stored in a cookie of the user's browser; the user stays logged in for as long as CCCAT_u is valid;
7) If cloud user CU accesses CS_x, CCC generates CSAT_x and issues it to CU.
8) The cloud user accesses the service with the token, and the TAM in CS_x verifies the validity of CSAT_x. If verification fails, the cloud user's access is refused; otherwise the service resource cloudSer is provided.
9) Cloud service CS_x evaluates the user's behaviour, feeds the evaluation result R_user back to the cloud certification center, and stores it in the trust repository.
Further, in the cloud access control method the cloud user identity token CCCAT_u and the cloud service access token CSAT_x are designed as follows:
10) Design of CCCAT_u
Each cloud user must have their identity verified before accessing the cloud certification center, and can obtain services only after passing verification. In the initialization phase, the cloud certification center obtains the user's current historical reputation value according to the reputation model RM, and the user role tree building model MURBT assigns the cloud service access permission set P_user according to the level the user currently occupies. The cloud certification center then generates the unique cloud user identity token CCCAT_u from P_user. The token is determined by the cloud user's identity ID_u, the start time T_s of identity validity, the identity validity period T_v and the user host identifier Host_x, and identifies each user that accesses the cloud certification center, as shown in formula (1):
$CCCAT_u = \{ID_u, T_s, T_v, Host_x, P_{user}\}$ (1)
11) Design of CSAT_x
After the user information has been initialized, and while CCCAT_u is valid, the cloud certification center parses the cloud user identity token and recommends the cloud services this cloud user is allowed to access; the user may freely authenticate to a service. The cloud service authentication interface is called, and if user authentication succeeds a cloud service access token CSAT_x is generated. The token is determined by the CCCAT_u that identifies the user's unique identity and by the user's user name N_x and password C_x at cloud service CS_x, as shown in formulas (2) to (3):
$CSAT_x = \{CCCAT_u, CS_x, N_x, C_x\}$ (3)
At the same time, the authenticated cloud service information is encrypted and stored in the user directory information database, as shown in formula (4):
CCC → DMM: ID_u, CS_x, E_kkk{C_x}, N_x (4)
As shown in formulas (5) to (6), if the directory information database already stores the cloud user's authentication information for the cloud service, the cloud certification center first obtains the cloud user's current comprehensive reputation value R_user through RM and judges the cloud user's accessibility to the service according to MURBT. If the user's comprehensive reputation value is greater than the access threshold of the cloud service, the relevant information is read from the user directory information database DMM and the cloud service access token CSAT_x is generated without the user entering authentication information again. Otherwise the cloud user's access is refused.
CU → DMM: false || (true ∪ N_x ∪ C_x) (5)
$CSAT_x = \{CCCAT_u, CS_x, N_x, C_x, R_{user}\}$ (6)
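The issuance and validation flow of steps 1) to 9) together with the token structures of formulas (1), (3), (4) and (6), as an added Python example; this is not the patent's code. Assumptions that the patent text does not fix: tokens are dictionaries carrying the listed fields plus an HMAC tag under a key shared by CCC and the TAMs, so that the "validity verification" of step 8) covers integrity, the validity window [T_s, T_s + T_v) and the host identifier Host_x; E_kkk{.} is a toy reversible XOR stand-in, not a real cipher; the per-service reputation threshold of step 1) is named `threshold`; DMM and the trust repository are in-memory dictionaries. The tokens carry exactly the fields of (1), (3) and (6) as written on the page, including the service password C_x; the tag protects integrity only, not confidentiality.

```python
import hashlib
import hmac
import json

# Assumed key shared by CCC and every TAM; the patent specifies no key management.
CCC_KEY = b"ccc-tam-shared-key"
KEYSTREAM = hashlib.sha256(CCC_KEY).digest()


def e_kkk(text: str) -> str:
    """Toy stand-in for E_kkk{.}: XOR with a fixed keystream, hex-encoded. Not a real cipher."""
    return bytes(b ^ KEYSTREAM[i % 32] for i, b in enumerate(text.encode())).hex()


def d_kkk(blob: str) -> str:
    return bytes(b ^ KEYSTREAM[i % 32] for i, b in enumerate(bytes.fromhex(blob))).decode()


def sign(fields: dict) -> dict:
    """Attach an HMAC tag so a TAM can detect a forged or altered token (added assumption)."""
    body = json.dumps(fields, sort_keys=True).encode()
    return {**fields, "tag": hmac.new(CCC_KEY, body, hashlib.sha256).hexdigest()}


def verify_tag(token: dict) -> bool:
    fields = {k: v for k, v in token.items() if k != "tag"}
    body = json.dumps(fields, sort_keys=True).encode()
    expected = hmac.new(CCC_KEY, body, hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, token.get("tag", ""))


class DMM:
    """Directory-type store: users with reputation R_x, and cached service credentials (4)."""

    def __init__(self):
        self.users = {}      # N_u -> {"E_Cu", "ID_u", "R_x"}
        self.svc_creds = {}  # (ID_u, CS_x) -> {"N_x", "E_Cx"}

    def add_user(self, N_u, C_u, ID_u, R_x):
        self.users[N_u] = {"E_Cu": e_kkk(C_u), "ID_u": ID_u, "R_x": R_x}

    def verify(self, N_u, E_Cu):
        """Step 5): false || (true ∪ R_x)."""
        u = self.users.get(N_u)
        if u is None or not hmac.compare_digest(u["E_Cu"], E_Cu):
            return False, None
        return True, u["R_x"]


class CCC:
    """Cloud certification center: service registry (step 1), CCCAT_u (1), CSAT_x (3)/(6)."""

    def __init__(self, dmm):
        self.dmm = dmm
        self.services = {}    # CS_x -> {"add_x", "threshold", "ser"}
        self.trust_repo = {}  # ID_u -> latest R_user (step 9)

    def configure_service(self, CS_x, add_x, threshold, ser):
        self.services[CS_x] = {"add_x": add_x, "threshold": threshold, "ser": ser}

    def login(self, N_u, C_u, Id_u, I_u, Host_x, P_user, now, T_v=3600):
        """Steps 3)-6): DMM verifies E_kkk{C_u}; on success issue CCCAT_u per formula (1)."""
        ok, R_x = self.dmm.verify(N_u, e_kkk(C_u))
        if not ok:
            return None  # platform authentication error
        ID_u = self.dmm.users[N_u]["ID_u"]
        self.trust_repo.setdefault(ID_u, R_x)
        return sign({"ID_u": ID_u, "T_s": now, "T_v": T_v, "Host_x": Host_x,
                     "P_user": sorted(P_user)})

    def issue_csat(self, cccat, CS_x, N_x=None, C_x=None):
        """Step 7)/11): explicit service authentication stores E_kkk{C_x} (4) and issues (3);
        a later request reuses the stored credentials only if R_user exceeds the service
        threshold (5)-(6); otherwise access is refused (None)."""
        if not verify_tag(cccat) or CS_x not in cccat["P_user"] or CS_x not in self.services:
            return None
        ID_u, key = cccat["ID_u"], (cccat["ID_u"], CS_x)
        if N_x is not None and C_x is not None:
            self.dmm.svc_creds[key] = {"N_x": N_x, "E_Cx": e_kkk(C_x)}
            return sign({"CCCAT_u": cccat, "CS_x": CS_x, "N_x": N_x, "C_x": C_x})
        creds = self.dmm.svc_creds.get(key)
        R_user = self.trust_repo.get(ID_u, 0.0)
        if creds is None or R_user <= self.services[CS_x]["threshold"]:
            return None
        return sign({"CCCAT_u": cccat, "CS_x": CS_x, "N_x": creds["N_x"],
                     "C_x": d_kkk(creds["E_Cx"]), "R_user": R_user})

    def feedback(self, ID_u, R_user):
        """Step 9): the service's evaluation is stored in the trust repository."""
        self.trust_repo[ID_u] = R_user


class TAM:
    """Trusted Authentication Module in front of CS_x: validates CSAT_x before serving (step 8)."""

    def __init__(self, CS_x):
        self.CS_x = CS_x

    def validate(self, csat, Host_x, now):
        if not verify_tag(csat) or csat.get("CS_x") != self.CS_x:
            return False
        cccat = csat["CCCAT_u"]
        if not verify_tag(cccat) or cccat["Host_x"] != Host_x:
            return False
        return cccat["T_s"] <= now < cccat["T_s"] + cccat["T_v"]
```

A request for CS_x without cached credentials returns None until the user has authenticated to that service once; after a feedback round lowers R_user to or below the service threshold the cached path refuses, and the user must authenticate to the service again.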
Further, in steps 10) and 11), the reputation value of the cloud user is quantitatively evaluated and calculated by the reputation model RM, and the user's permissions are described hierarchically with the user role tree building model MURBT, finally achieving dynamic authorization of cloud services.
12) Reputation model
The core idea of the reputation model is to provide a security guarantee when users access sensitive data, building on the cloud access control framework proposed by this invention. The reputation model is dynamic: as the number of user accesses grows, the user's reputation value becomes more accurate.
The user reputation model comprises four parts: direct reputation value, recommendation reputation value, comprehensive reputation value and historical reputation value. The direct reputation value is the reputation rating based on the historical experience of direct interaction between the cloud user and the cloud service, together with the cloud certification center's monitoring of changes in the cloud user's current behaviour. The recommendation reputation value is the evaluation of the same user's historical accesses by other cloud services. The comprehensive reputation value is a comprehensive quantitative evaluation based on the direct and recommendation reputation values. The historical reputation value is the weighted sum of the cloud user's historical comprehensive reputation values and represents the cloud user's historical reputation.
For convenience of description, the invention divides the entities in the reputation model into four classes by role.
Target entity CU: the entity whose reputation value is obtained, for example a cloud user.
Source service CS_o: the service that wants to obtain another entity's reputation value, for example the service the cloud user is currently accessing.
Recommending service CS_r: a service that feeds trust information about the target entity back to the source service.
Behaviour monitor BM: the entity that monitors changes in user behaviour in real time, for example the cloud certification center.
A) Direct reputation value
As shown in Figure 2, the direct reputation value is calculated from the direct interaction of the target entity with the source service and the behaviour monitor. The main influencing factors are the number of service requests, the time interval between service requests and the historical reputation value of the service requests.
Let the source service CS_o's satisfaction with the target entity CU at time t be $S^{t}_{cs_o:cu}$, and the behaviour monitor BM's satisfaction with CU be $S^{t}_{bm:cu}$. To reflect recent reputation as far as possible and avoid interference from reputation values long in the past, a time decay factor λ is introduced: the closer a reputation value lies to the current time, the larger its weight and the more credible it is. Let t be a moment at which CU and CS_o interacted within the time decay window win = [t_start, t_end], and t_current the current time. The direct reputation value is then expressed as:
$$R^{d,t}_{cs_o:cu} = \frac{\sum_{t \le t_{current}} \lambda^{t_{current}-t} \cdot S^{t}_{cs_o:cu}}{\sum_{t \le t_{current}} \lambda^{t_{current}-t}} + S^{t}_{bm:cu} \qquad (7)$$
B) Recommendation reputation value
As shown in Figure 3, the recommendation reputation value is calculated mainly from the historical trust evaluations of the same target entity CU by other recommending services CS_r. The main influencing factors are the credibility of the recommending service itself and the credibility of the historical interaction between the recommending service and the target entity.
Let the evaluator be CS_o, the evaluated object CU, and CS_r a recommender of CS_o, where $R^{c,t}_{cs_o:cs_r}$ is CS_o's recommendation trust in CS_r at time t and $R^{d,t}_{cs_r:cu}$ is the direct trust between CS_r and CU at time t. The recommendation reputation value is then expressed as:
$$R^{c,t}_{cs_o:cu} = R^{c,t}_{cs_o:cs_r} \cdot R^{d,t}_{cs_r:cu} \qquad (8)$$
For the same evaluated object there may be several recommenders. Let the set of recommenders of CS_o have n members CS_{r_1}, ..., CS_{r_n}. The merged recommendation reputation value of evaluator CS_o for the evaluated object CU is then:
$$R^{c,t}_{cs_o:\overline{cs_r}} = \frac{\sum_{i}^{n} R^{c,t}_{cs_o:cs_{r_i}} \cdot R^{d,t}_{cs_{r_i}:cu}}{\sum_{i}^{n} R^{d,t}_{cs_{r_i}:cu}} \qquad (9)$$
C) Comprehensive reputation value
The calculation of the comprehensive reputation value $R^{m,t}_{cs_o:cu}$ depends on the direct and recommendation reputation values. Considering the effect of uncertainty on reputation, the invention uses information entropy to adjust the weights α_1, α_2 of the direct and recommendation reputation values automatically: the smaller the information entropy, the lower the uncertainty. The information entropy is computed as follows.
For the direct reputation value and the recommendation reputation value, the entropies H(α_1), H(α_2) are calculated respectively:
$$H(\alpha_1) = -R^{d,t}_{cs_o:cu} \cdot \log R^{d,t}_{cs_o:cu} - \left(1 - R^{d,t}_{cs_o:cu}\right) \cdot \log\left(1 - R^{d,t}_{cs_o:cu}\right) \qquad (11)$$
$$H(\alpha_2) = -R^{c,t}_{cs_o:\overline{cs_r}} \cdot \log R^{c,t}_{cs_o:\overline{cs_r}} - \left(1 - R^{c,t}_{cs_o:\overline{cs_r}}\right) \cdot \log\left(1 - R^{c,t}_{cs_o:\overline{cs_r}}\right) \qquad (12)$$
According to formula (13), the corresponding α_i is obtained:
$$\alpha_i = \frac{1 - H(\alpha_i)}{\sum_{i}^{n} \left(1 - H(\alpha_i)\right)} \qquad (13)$$
The comprehensive reputation value is then expressed as:
$$R^{m,t}_{cs_o:cu} = \alpha_1 R^{d,t}_{cs_o:cu} + \alpha_2 R^{c,t}_{cs_o:\overline{cs_r}} \qquad (14)$$
D) Historical reputation value
The calculation of the historical reputation value $R^{h,t}_{cu}$ depends on the comprehensive reputation values of all previous interactions between the cloud user and cloud services. It is computed similarly to the direct reputation value: to avoid interference from reputation values long in the past, the time decay factor λ is introduced, and the historical reputation value is expressed as:
$$R^{h,t}_{cu} = \frac{\sum_{t \le t_{current}} \lambda^{t_{current}-t} \cdot R^{m,t}_{cs_i:cu}}{\sum_{t \le t_{current}} \lambda^{t_{current}-t}} \qquad (15)$$
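The reputation model of formulas (7) to (15) carried through in Python, as an added example that is not the patent's code. Choices the page does not fix, made here and marked in the comments: (7) is read as the decayed mean of $S^{t}_{cs_o:cu}$ plus $S^{t}_{bm:cu}$, and the result is clamped to [0, 1] because the sum as written can exceed 1, which would leave the entropy in (11) undefined; the logarithm in (11)/(12) is taken to base 2 so that H lies in [0, 1]; when every entropy equals 1 (a zero denominator in (13)) the weights fall back to equal; (9) is implemented with the denominator exactly as printed. Function names and the sample values are constructed.

```python
import math


def _decayed_mean(samples, t_current, lam):
    """Σ λ^(t_current−t)·v / Σ λ^(t_current−t) over samples (t, v) with t ≤ t_current."""
    num = den = 0.0
    for t, v in samples:
        if t <= t_current:
            w = lam ** (t_current - t)
            num += w * v
            den += w
    return num / den if den else 0.0


def direct_reputation(satisfaction, s_bm, t_current, lam):
    """Formula (7): satisfaction = [(t, S^t_{cs_o:cu}), ...], s_bm = S^t_{bm:cu}.
    The sum as printed can exceed 1, so the result is clamped to [0, 1] here (added choice)
    so that the entropy step in (11) stays defined."""
    return min(1.0, max(0.0, _decayed_mean(satisfaction, t_current, lam) + s_bm))


def recommendation_reputation(r_c_o_r, r_d_r_cu):
    """Formula (8): a single recommender."""
    return r_c_o_r * r_d_r_cu


def merged_recommendation(recs):
    """Formula (9) as printed: recs = [(R^c_{cs_o:cs_ri}, R^d_{cs_ri:cu}), ...]."""
    num = sum(rc * rd for rc, rd in recs)
    den = sum(rd for _, rd in recs)
    return num / den if den else 0.0


def binary_entropy(p):
    """Formulas (11)/(12). Log base 2 (a choice; the page writes only 'log'), so H ∈ [0, 1];
    H(0) = H(1) = 0 by the usual 0·log 0 = 0 convention."""
    if p <= 0.0 or p >= 1.0:
        return 0.0
    return -p * math.log2(p) - (1.0 - p) * math.log2(1.0 - p)


def entropy_weights(values):
    """Formula (13): α_i ∝ 1 − H(α_i). If every value is maximally uncertain (all H = 1),
    fall back to equal weights instead of dividing by zero (added edge-case handling)."""
    ws = [1.0 - binary_entropy(v) for v in values]
    total = sum(ws)
    if total == 0.0:
        return [1.0 / len(values)] * len(values)
    return [w / total for w in ws]


def comprehensive_reputation(r_d, r_c):
    """Formula (14): R^m = α1·R^d + α2·R^c with entropy-derived weights."""
    a1, a2 = entropy_weights([r_d, r_c])
    return a1 * r_d + a2 * r_c


def history_reputation(comprehensive, t_current, lam):
    """Formula (15): comprehensive = [(t, R^{m,t}_{cs_i:cu}), ...]."""
    return _decayed_mean(comprehensive, t_current, lam)


def evaluate(satisfaction, s_bm, recs, past, t_current, lam=0.5):
    """One evaluation round chaining (7), (9), (14), (15). Returns (R^d, R^c, R^m, R^h)."""
    r_d = direct_reputation(satisfaction, s_bm, t_current, lam)
    r_c = merged_recommendation(recs)
    r_m = comprehensive_reputation(r_d, r_c)
    r_h = history_reputation(past + [(t_current, r_m)], t_current, lam)
    return r_d, r_c, r_m, r_h


if __name__ == "__main__":
    # Constructed sample: three past interactions with the source service, two recommenders,
    # and one earlier comprehensive value already in the trust repository.
    r = evaluate([(1, 0.9), (2, 0.8), (3, 0.7)], 0.05, [(0.9, 0.8), (0.6, 0.4)], [(2, 0.75)], 3)
    print("R^d=%.4f R^c=%.4f R^m=%.4f R^h=%.4f" % r)
```

Because the weights in (13) are driven by entropy, a reputation value near 0.5 (maximal uncertainty) is down-weighted automatically: with a direct value of 0.9 and a merged recommendation of exactly 0.5 the comprehensive value is the direct value alone.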
13) User role tree building model
As shown in Figure 4, in the process of building the user role tree the user permissions of each organizational unit org are described hierarchically by inheritance, with the root node holding the public permissions. Every descendant node of an organizational unit owns its own specific permissions in addition to inheriting all permissions of its predecessor node. The elements of the user role tree are defined as follows: U is the user set; P is the permission set, which by permission characteristics can be divided as P = <P_RoleTeam1, ..., P_RoleTeamn>; P_former is the set of permissions owned by the predecessor node; P_current is the set of permissions owned by the current node; P_user is the permission set owned by the user, P_user = P'_RoleTeam1 ∪ P'_RoleTeam2 ∪ ... ∪ P'_RoleTeamn, where RT is the permission allocation table.
In the cloud user identity authentication phase, the user role tree building model grants the cloud user the corresponding cloud service access permission set P_user according to the cloud user's historical reputation value; as shown in formula (1), the cloud certification center grants the cloud user identity token CCCAT_u according to the cloud user's login information and permission set, and by parsing CCCAT_u recommends the cloud services the user is allowed to access. In the cloud service access phase, according to formulas (2) to (6), the user role tree building model compares the cloud user's comprehensive reputation value with the source service's access threshold; if the user's comprehensive reputation value is above the access threshold of the source service, the cloud certification center grants the user the cloud service access token CSAT_u.
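The user role tree of 13), with permission inheritance from the root down and the mapping from historical reputation to the permission set P_user, as an added Python example that is not the patent's code. The tree, the reputation levels and the allocation table RT are constructed; the page does not spell out how RT selects P'_RoleTeam from P_RoleTeam, so the interpretation used here (the level reached by R^h decides which of a role team's permissions are actually allocated to the user) is an assumption.

```python
class RoleNode:
    """One organizational unit in the user role tree. `own` holds the node's specific
    permissions; everything else is inherited from the predecessor chain up to the root."""

    def __init__(self, name, own, parent=None):
        self.name = name
        self.own = frozenset(own)
        self.parent = parent
        self.children = []
        if parent is not None:
            parent.children.append(self)

    def permissions(self):
        """P_current = P_former ∪ own, where P_former is the parent's permission set
        (the root contributes the public permissions)."""
        p_former = self.parent.permissions() if self.parent else frozenset()
        return p_former | self.own


def build_tree(spec):
    """spec: {node_name: (parent_name or None, [own permissions])}; parents must be listed
    before their children and the single None-parent node is the root."""
    nodes = {}
    for name, (parent, own) in spec.items():
        nodes[name] = RoleNode(name, own, nodes[parent] if parent else None)
    return nodes


# Constructed example data. Permissions are the names of accessible cloud services CS_x.
ROLE_TREE = build_tree({
    "org":      (None,  ["Login"]),      # root: public permissions
    "dev":      ("org", ["CS_repo"]),
    "dev_lead": ("dev", ["CS_deploy"]),
    "finance":  ("org", ["CS_billing"]),
})

# Permission allocation table RT (interpretation, see lead-in): the level that a user's
# historical reputation R^h maps to decides which permissions of their role teams are
# allocated, i.e. P'_RoleTeam = P_RoleTeam ∩ RT[level].
LEVELS = [(0.7, "high"), (0.4, "medium"), (0.0, "low")]   # descending R^h thresholds
RT = {
    "high":   {"Login", "CS_repo", "CS_deploy", "CS_billing"},
    "medium": {"Login", "CS_repo", "CS_billing"},
    "low":    {"Login"},
}


def reputation_level(r_h):
    for threshold, level in LEVELS:
        if r_h >= threshold:
            return level
    return LEVELS[-1][1]


def user_permission_set(tree, role_teams, r_h, rt=RT):
    """P_user = ∪_i P'_RoleTeam_i with P'_RoleTeam_i = P_RoleTeam_i ∩ RT[level(R^h)]."""
    allowed = rt[reputation_level(r_h)]
    p_user = set()
    for team in role_teams:
        p_user |= tree[team].permissions() & allowed
    return frozenset(p_user)


def recommended_services(p_user):
    """Services CCC recommends after parsing CCCAT_u: P_user without the public Login entry."""
    return sorted(p_user - {"Login"})


def may_access(r_m, threshold):
    """Cloud service access phase: the comprehensive reputation must exceed the threshold."""
    return r_m > threshold
```

The same user therefore receives a different P_user, and hence a different CCCAT_u and set of recommended services, as their historical reputation moves across a level boundary, while the per-request decision at access time still compares the current comprehensive value against the service threshold.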

Claims (6)

1. An adaptive cloud service access control method based on a dynamic authorization mechanism, characterized in that the cloud access control method comprises the following steps:
1) Before a cloud service can be accessed, the administrator Mana must configure the cloud service CS_x at the cloud certification center CCC, adding the service's access address add_x, the reputation threshold permitted for access, and the services ser{Login...} such as user authentication;
2) The service registration center adds a trusted authentication module TAM to each registered cloud service, which intercepts the cloud user's service access requests and decides whether the cloud user may access by verifying the cloud user's authentication information and the validity of the cloud service access token CSAT_u;
3) Cloud user CU sends a platform authentication request to CCC: user name N_u, login password C_u, verification code Id_u, user identity I_u;
4) The cloud certification center CCC encrypts the login password as E_kkk{C_u} and requests the user information storage server DMM to verify the user information.
5) The DMM server returns the user-information verification result and the user's reputation value R_x. If verification succeeds, the cloud user identity token CCCAT_u is generated; otherwise the user is shown a platform authentication error;
6) After authentication succeeds, CCC issues the generated CCCAT_u to CU and it is stored in a cookie of the user's browser; the user stays logged in for as long as CCCAT_u is valid;
7) If cloud user CU accesses CS_x, CCC generates CSAT_x and issues it to CU.
8) The cloud user accesses the service with the token, and the TAM in CS_x verifies the validity of CSAT_x. If verification fails, the cloud user's access is refused; otherwise the service resource cloudSer is provided.
9) Cloud service CS_x evaluates the user's behaviour, feeds the evaluation result R_user back to the cloud certification center, and stores it in the trust repository.
2. The adaptive cloud service access control method based on a dynamic authorization mechanism, characterized in that in the cloud access control method the cloud user identity token CCCAT_u and the cloud service access token CSAT_x are designed as follows:
Each cloud user must have their identity verified before accessing the cloud certification center, and can obtain services only after passing verification. In the initialization phase, the cloud certification center obtains the user's current historical reputation value according to the reputation model RM, and the user role tree building model MURBT assigns the cloud service access permission set P_user according to the level the user currently occupies. The cloud certification center then generates the unique cloud user identity token CCCAT_u from P_user. The token is determined by the cloud user's identity ID_u, the start time T_s of identity validity, the identity validity period T_v and the user host identifier Host_x, and identifies each user that accesses the cloud certification center, as shown in formula (1):
$CCCAT_u = \{ID_u, T_s, T_v, Host_x, P_{user}\}$ (1)
After the user information has been initialized, and while CCCAT_u is valid, the cloud certification center parses the cloud user identity token and recommends the cloud services this cloud user is allowed to access; the user may freely authenticate to a service. The cloud service authentication interface is called, and if user authentication succeeds a cloud service access token CSAT_x is generated. The token is determined by the CCCAT_u that identifies the user's unique identity and by the user's user name N_x and password C_x at cloud service CS_x, as shown in formulas (2) to (3):
$CSAT_x = \{CCCAT_u, CS_x, N_x, C_x\}$ (3)
At the same time, the authenticated cloud service information is encrypted and stored in the user directory information database, as shown in formula (4):
CCC → DMM: ID_u, CS_x, E_kkk{C_x}, N_x (4)
As shown in formulas (5) to (6):
CU → DMM: false || (true ∪ N_x ∪ C_x) (5)
$CSAT_x = \{CCCAT_u, CS_x, N_x, C_x, R_{user}\}$ (6)
If the directory information database already stores the cloud user's authentication information for the cloud service, the cloud certification center first obtains the cloud user's current comprehensive reputation value R_user through RM and judges the cloud user's accessibility to the service according to MURBT. If the user's comprehensive reputation value is greater than the access threshold of the cloud service, the relevant information is read from the user directory information database DMM and the cloud service access token CSAT_x is generated without the user entering authentication information again; otherwise the cloud user's access is refused.
3. The adaptive cloud service access control method based on a dynamic authorization mechanism, characterized in that the reputation value of the cloud user is quantitatively evaluated and calculated by the user reputation model RM, and the user's permissions are described hierarchically with the user role tree building model MURBT, finally achieving dynamic authorization of cloud services.
4. The adaptive cloud service access control method based on a dynamic authorization mechanism, characterized in that the user reputation model comprises four parts: direct reputation value, recommendation reputation value, comprehensive reputation value and historical reputation value; the direct reputation value is the reputation rating based on the historical experience of direct interaction between the cloud user and the cloud service, together with the cloud certification center's monitoring of changes in the cloud user's current behaviour; the recommendation reputation value is the evaluation of the same user's historical accesses by other cloud services; the comprehensive reputation value is a comprehensive quantitative evaluation based on the direct and recommendation reputation values; the historical reputation value is the weighted sum of the cloud user's historical comprehensive reputation values and represents the cloud user's historical reputation.
5. The adaptive cloud service access control method based on a dynamic authorization mechanism, characterized in that the entities in the reputation model are divided into four classes by role: target entity CU, the entity whose reputation value is obtained; source service CS_o, the service that wants to obtain another entity's reputation value; recommending service CS_r, a service that feeds trust information about the target entity back to the source service; behaviour monitor BM, the entity that monitors changes in user behaviour in real time;
The direct reputation value is calculated from the direct interaction of the target entity with the source service and the behaviour monitor; the main influencing factors are the number of service requests, the time interval between service requests and the historical reputation value of the service requests.
Let the source service CS_o's satisfaction with the target entity CU at time t be $S^{t}_{cs_o:cu}$, and the behaviour monitor BM's satisfaction with CU be $S^{t}_{bm:cu}$. To reflect recent reputation as far as possible and avoid interference from reputation values long in the past, a time decay factor λ is introduced: the closer a reputation value lies to the current time, the larger its weight and the more credible it is. Let t be a moment at which CU and CS_o interacted within the time decay window win = [t_start, t_end], and t_current the current time. The direct reputation value is then expressed as:
The recommendation reputation value is calculated from the historical trust evaluations of the same target entity CU by other recommending services CS_r; the influencing factors are the credibility of the recommending service itself and the credibility of the historical interaction between the recommending service and the target entity;
Let the evaluator be CS_o, the evaluated object CU, and CS_r a recommender of CS_o, where $R^{c,t}_{cs_o:cs_r}$ is CS_o's recommendation trust in CS_r at time t and $R^{d,t}_{cs_r:cu}$ is the direct trust between CS_r and CU at time t. The recommendation reputation value is then expressed as:
For the same evaluated object there may be several recommenders. Let the set of recommenders of CS_o have n members CS_{r_1}, ..., CS_{r_n}. The merged recommendation reputation value of evaluator CS_o for the evaluated object CU is then:
The calculation of the comprehensive reputation value $R^{m,t}_{cs_o:cu}$ depends on the direct and recommendation reputation values; information entropy is used to adjust the weights α_1, α_2 of the direct and recommendation reputation values automatically, and the smaller the information entropy, the lower the uncertainty; the information entropy is computed as follows:
For the direct reputation value and the recommendation reputation value, the entropies H(α_1), H(α_2) are calculated respectively:
According to formula (13), the corresponding α_i is obtained:
The comprehensive reputation value is then expressed as:
The calculation of the historical reputation value $R^{h,t}_{cu}$ depends on the comprehensive reputation values of all previous interactions between the cloud user and cloud services; the time decay factor λ is introduced, and the historical reputation value is expressed as:
6. The adaptive cloud service access control method based on a dynamic authorization mechanism according to one of claims 2 to 5, characterized in that in the process of building the user role tree the user permissions of each organizational unit org are described hierarchically by inheritance, with the root node holding the public permissions; every descendant node of an organizational unit owns its own specific permissions in addition to inheriting all permissions of its predecessor node; the elements of the user role tree are defined as follows: U is the user set; P is the permission set, which by permission characteristics can be divided as P = <P_RoleTeam1, ..., P_RoleTeamn>; P_former is the set of permissions owned by the predecessor node; P_current is the set of permissions owned by the current node; P_user is the permission set owned by the user, P_user = P'_RoleTeam1 ∪ P'_RoleTeam2 ∪ ... ∪ P'_RoleTeamn, where RT is the permission allocation table.
In the cloud user identity authentication phase, the user role tree building model grants the cloud user the corresponding cloud service access permission set P_user according to the cloud user's historical reputation value; as shown in formula (1), the cloud certification center grants the cloud user identity token CCCAT_u according to the cloud user's login information and permission set, and by parsing CCCAT_u recommends the cloud services the user is allowed to access. In the cloud service access phase, according to formulas (2) to (6), the user role tree building model compares the cloud user's comprehensive reputation value with the source service's access threshold; if the user's comprehensive reputation value is above the access threshold of the source service, the cloud certification center grants the user the cloud service access token CSAT_u.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610221444.7A CN105871854B (en) 2016-04-11 2016-04-11 Adaptive cloud access control method based on dynamic authorization mechanism

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610221444.7A CN105871854B (en) 2016-04-11 2016-04-11 Adaptive cloud access control method based on dynamic authorization mechanism

Publications (2)

Publication Number Publication Date
CN105871854A true CN105871854A (en) 2016-08-17
CN105871854B CN105871854B (en) 2018-11-20

Family

ID=56636600

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610221444.7A Active CN105871854B (en) 2016-04-11 2016-04-11 Adaptive cloud access control method based on dynamic authorization mechanism

Country Status (1)

Country Link
CN (1) CN105871854B (en)

Cited By (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106685933A (en) * 2016-12-08 2017-05-17 腾讯科技(深圳)有限公司 Authorization policy recommending method and device
CN106845946A (en) * 2017-02-08 2017-06-13 深圳市金政软件技术有限公司 A kind of financial data access analysis system and application method
CN106961441A (en) * 2017-04-06 2017-07-18 中国民航大学 A kind of user's dynamic accesses control method for Hadoop cloud platform
CN106982136A (en) * 2017-03-07 2017-07-25 西安电子科技大学 The multiple domain platform of internet of things and multi-zone management method of a kind of multiple domain layering
CN106997440A (en) * 2017-04-10 2017-08-01 中经汇通电子商务有限公司 A kind of role access control method
CN107122655A (en) * 2017-03-29 2017-09-01 西安电子科技大学 A kind of mobile application security based on trust management sets commending system
CN108090803A (en) * 2017-12-06 2018-05-29 上海电机学院 A kind of negotiation degree of belief computational methods
CN108234383A (en) * 2016-12-09 2018-06-29 中国电信股份有限公司 Information access method and secure access service device
CN108460258A (en) * 2018-01-31 2018-08-28 中国电子科技集团公司第三十研究所 A kind of users to trust comprehensive estimation method
CN109274683A (en) * 2018-10-30 2019-01-25 国网安徽省电力有限公司信息通信分公司 A kind of combined crosswise Verification System and its authentication method
CN109495444A (en) * 2018-09-30 2019-03-19 北京工业职业技术学院 A kind of CIPHERING REQUEST processing method
CN109688119A (en) * 2018-12-14 2019-04-26 北京科技大学 In a kind of cloud computing can anonymous traceability identity identifying method
CN109688101A (en) * 2017-10-18 2019-04-26 Abb瑞士股份有限公司 Method and control system for controlling devices
CN109743161A (en) * 2018-12-29 2019-05-10 上海掌门科技有限公司 Information ciphering method, electronic equipment and computer-readable medium
CN109886005A (en) * 2019-01-29 2019-06-14 南京邮电大学 A kind of authorized user's methods of risk assessment and system for Web collaboration
CN110245925A (en) * 2019-05-20 2019-09-17 陈旭 Electric paying method, system, device and computer readable storage medium
CN110301127A (en) * 2017-03-01 2019-10-01 华为技术有限公司 Device and method for predictive token authentication
CN110365483A (en) * 2018-04-11 2019-10-22 中国移动通信集团广东有限公司 Cloud platform authentication method, client, middleware and system
CN110493301A (en) * 2019-06-19 2019-11-22 莫毓昌 The generic structure platform delivered for cloud combination and cloud user negotiation service
CN110784433A (en) * 2018-07-31 2020-02-11 阿里巴巴集团控股有限公司 User access processing method, device and equipment
CN111107099A (en) * 2019-12-28 2020-05-05 北京工业大学 Self-adaptive access control method suitable for mixed cloud environment
CN111177743A (en) * 2019-12-06 2020-05-19 西安交通大学 Credit big data oriented risk control method and system thereof
CN112104625A (en) * 2020-09-03 2020-12-18 腾讯科技(深圳)有限公司 Process access control method and device
CN112311804A (en) * 2020-11-06 2021-02-02 东北大学 Multi-tenant service resource dynamic access authorization and authentication system and method
CN112953920A (en) * 2021-02-01 2021-06-11 福建多多云科技有限公司 Monitoring management method based on cloud mobile phone
US11361104B1 (en) * 2017-12-05 2022-06-14 Jagannadha babu Kolli Method and system for securing data stored in a cloud-based software system
CN114650184A (en) * 2022-04-15 2022-06-21 四川中电启明星信息技术有限公司 Docker process security access control method based on trust degree
WO2022147763A1 (en) * 2021-01-08 2022-07-14 Oppo广东移动通信有限公司 Access token processing method, device, and cloud
CN115622798A (en) * 2022-11-22 2023-01-17 国网湖北省电力有限公司营销服务中心(计量中心) User authority distribution method of power load management system
CN116915486A (en) * 2023-08-14 2023-10-20 福泰克(连云港)电子有限公司 Cloud service communication system
CN117278329A (en) * 2023-11-21 2023-12-22 大连凌一科技发展有限公司 Application resource dynamic control access method based on zero trust gateway

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1677455B1 (en) * 2003-10-22 2013-05-01 Huawei Technologies Co., Ltd. A method of analyzing the accessing process of the selected service in the wireless local area network
CN103179115A (en) * 2013-03-18 2013-06-26 中国科学院信息工程研究所 Cloud service accessing control method of cross-cloud application facing to cloud television terminal
CN103237019A (en) * 2013-04-03 2013-08-07 中国科学院合肥物质科学研究院 Cloud service accessing gateway system and cloud service accessing method
CN103236969A (en) * 2013-04-03 2013-08-07 中国科学院合肥物质科学研究院 Gateway system and gateway method for Cloud service accounting management
CN103532981A (en) * 2013-10-31 2014-01-22 中国科学院信息工程研究所 Identity escrow and authentication cloud resource access control system and method for multiple tenants
US20150046971A1 (en) * 2011-10-27 2015-02-12 Intellectual Discovery Co., Ltd. Method and system for access control in cloud computing service

Cited By (48)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106685933A (en) * 2016-12-08 2017-05-17 腾讯科技(深圳)有限公司 Authorization policy recommending method and device
WO2018103595A1 (en) * 2016-12-08 2018-06-14 腾讯科技(深圳)有限公司 Authorization policy recommendation method and device, server, and storage medium
CN106685933B (en) * 2016-12-08 2020-06-19 腾讯科技(深圳)有限公司 Authorization policy recommendation and device
US10686843B2 (en) 2016-12-08 2020-06-16 Tencent Technology (Shenzhen) Company Limited Authorization policy recommendation method and apparatus, server, and storage medium
CN108234383A (en) * 2016-12-09 2018-06-29 中国电信股份有限公司 Information access method and secure access service device
CN106845946A (en) * 2017-02-08 2017-06-13 深圳市金政软件技术有限公司 A kind of financial data access analysis system and application method
CN110301127B (en) * 2017-03-01 2021-02-12 华为技术有限公司 Apparatus and method for predictive token validation
CN110301127A (en) * 2017-03-01 2019-10-01 华为技术有限公司 Device and method for predictive token authentication
US11310216B2 (en) 2017-03-01 2022-04-19 Futurewei Technologies, Inc. Apparatus and method for predictive token validation
US10693867B2 (en) 2017-03-01 2020-06-23 Futurewei Technologies, Inc. Apparatus and method for predictive token validation
CN106982136A (en) * 2017-03-07 2017-07-25 西安电子科技大学 The multiple domain platform of internet of things and multi-zone management method of a kind of multiple domain layering
CN106982136B (en) * 2017-03-07 2020-03-10 西安电子科技大学 Multi-domain layered multi-domain Internet of things platform and multi-domain management method
CN107122655A (en) * 2017-03-29 2017-09-01 西安电子科技大学 A kind of mobile application security based on trust management sets commending system
CN107122655B (en) * 2017-03-29 2020-01-03 西安电子科技大学 Trust management based mobile application security setting recommendation system
CN106961441B (en) * 2017-04-06 2020-05-22 中国民航大学 User dynamic access control method for Hadoop cloud platform
CN106961441A (en) * 2017-04-06 2017-07-18 中国民航大学 A kind of user's dynamic accesses control method for Hadoop cloud platform
CN106997440A (en) * 2017-04-10 2017-08-01 中经汇通电子商务有限公司 A kind of role access control method
CN109688101A (en) * 2017-10-18 2019-04-26 Abb瑞士股份有限公司 Method and control system for controlling devices
US11159535B2 (en) 2017-10-18 2021-10-26 Abb Schweiz Ag Methods for controlling a device and control system
US11361104B1 (en) * 2017-12-05 2022-06-14 Jagannadha babu Kolli Method and system for securing data stored in a cloud-based software system
CN108090803A (en) * 2017-12-06 2018-05-29 上海电机学院 A kind of negotiation degree of belief computational methods
CN108460258A (en) * 2018-01-31 2018-08-28 中国电子科技集团公司第三十研究所 A kind of users to trust comprehensive estimation method
CN110365483B (en) * 2018-04-11 2022-06-14 中国移动通信集团广东有限公司 Cloud platform authentication method, client, middleware and system
CN110365483A (en) * 2018-04-11 2019-10-22 中国移动通信集团广东有限公司 Cloud platform authentication method, client, middleware and system
CN110784433A (en) * 2018-07-31 2020-02-11 阿里巴巴集团控股有限公司 User access processing method, device and equipment
CN109495444B (en) * 2018-09-30 2022-02-22 北京工业职业技术学院 Encryption request processing method
CN109495444A (en) * 2018-09-30 2019-03-19 北京工业职业技术学院 A kind of CIPHERING REQUEST processing method
CN109274683A (en) * 2018-10-30 2019-01-25 国网安徽省电力有限公司信息通信分公司 A kind of combined crosswise Verification System and its authentication method
CN109688119A (en) * 2018-12-14 2019-04-26 北京科技大学 In a kind of cloud computing can anonymous traceability identity identifying method
CN109743161A (en) * 2018-12-29 2019-05-10 上海掌门科技有限公司 Information ciphering method, electronic equipment and computer-readable medium
CN109886005B (en) * 2019-01-29 2022-11-08 南京邮电大学 Method and system for risk assessment of authorized user aiming at Web collaboration
CN109886005A (en) * 2019-01-29 2019-06-14 南京邮电大学 A kind of authorized user's methods of risk assessment and system for Web collaboration
CN110245925A (en) * 2019-05-20 2019-09-17 陈旭 Electric paying method, system, device and computer readable storage medium
CN110493301A (en) * 2019-06-19 2019-11-22 莫毓昌 The generic structure platform delivered for cloud combination and cloud user negotiation service
CN111177743A (en) * 2019-12-06 2020-05-19 西安交通大学 Credit big data oriented risk control method and system thereof
CN111177743B (en) * 2019-12-06 2022-02-22 西安交通大学 Credit big data oriented risk control method and system thereof
CN111107099A (en) * 2019-12-28 2020-05-05 北京工业大学 Self-adaptive access control method suitable for mixed cloud environment
CN112104625A (en) * 2020-09-03 2020-12-18 腾讯科技(深圳)有限公司 Process access control method and device
CN112104625B (en) * 2020-09-03 2024-04-16 腾讯云计算(北京)有限责任公司 Process access control method and device
CN112311804A (en) * 2020-11-06 2021-02-02 东北大学 Multi-tenant service resource dynamic access authorization and authentication system and method
WO2022147763A1 (en) * 2021-01-08 2022-07-14 Oppo广东移动通信有限公司 Access token processing method, device, and cloud
CN112953920A (en) * 2021-02-01 2021-06-11 福建多多云科技有限公司 Monitoring management method based on cloud mobile phone
CN112953920B (en) * 2021-02-01 2022-07-01 福建多多云科技有限公司 Monitoring management method based on cloud mobile phone
CN114650184A (en) * 2022-04-15 2022-06-21 四川中电启明星信息技术有限公司 Docker process security access control method based on trust degree
CN115622798A (en) * 2022-11-22 2023-01-17 国网湖北省电力有限公司营销服务中心(计量中心) User authority distribution method of power load management system
CN116915486A (en) * 2023-08-14 2023-10-20 福泰克(连云港)电子有限公司 Cloud service communication system
CN117278329A (en) * 2023-11-21 2023-12-22 大连凌一科技发展有限公司 Application resource dynamic control access method based on zero trust gateway
CN117278329B (en) * 2023-11-21 2024-01-16 大连凌一科技发展有限公司 Application resource dynamic control access method based on zero trust gateway

Also Published As

Publication number Publication date
CN105871854B (en) 2018-11-20

Similar Documents

Publication Publication Date Title
CN105871854B (en) Adaptive cloud access control method based on dynamic authorization mechanism
US20230044365A1 (en) Distributed Consent Protecting Data Across Systems And Services
US8332922B2 (en) Transferable restricted security tokens
CN102012989B (en) Threshold and key-based authorization method in software as service (SaaS)
CN104683348B (en) A kind of beam-based alignment strategy synthetic method
CN107204978B (en) A kind of access control method and device based on multi-tenant cloud environment
CN102870086A (en) Digital profile system of personal attributes, tendencies, recommended actions, and historical events with privacy preserving controls
US11580206B2 (en) Project-based permission system
Krautsevich et al. Risk-aware usage decision making in highly dynamic systems
CN103281259B (en) Access control method between a kind of territory based on Dynamic Self-Adjusting
CN106997440A (en) A kind of role access control method
Tormo et al. Towards the integration of reputation management in OpenID
Alboaie et al. Secret smart contracts in hierarchical blockchains
Korenhof et al. The ABC of ABC: An analysis of attribute-based credentials in the light of data protection, privacy and identity.
Barati et al. Privacy‐aware cloud ecosystems: Architecture and performance
Alshammari et al. Trust management systems in cloud services environment: Taxonomy of reputation attacks and defense mechanisms
Ma Using blockchain to build decentralized access control in a peer-to-peer e-learning platform
Madani et al. Social login and data storage in the big data file system HDFS
US20170054729A1 (en) Identity Management System
Felicetti et al. Making IoT services accountable: A solution based on blockchain and physically unclonable functions
Xu et al. AC2M: An Automated Consent Management Model for Blockchain Financial Services Platform
KR102450412B1 (en) SLA-Based Sharing Economy Service with Smart Contract for Resource Integrity in the Internet of Things
An et al. Achieving Secure and Efficient P2P Data Trading based on Blockchain for Internet of Things
Sarfaraz Blockchain-Coordinated Frameworks for Scalable and Secure Supply Chain Networks
Agrawal et al. Integrity management in a trusted utilitarian data exchange platform

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20190724

Address after: 310000 Room 2306, Starlight International Plaza, Changhe Street, Binjiang District, Hangzhou City, Zhejiang Province

Patentee after: HANGZHOU ZHIZHOU TECHNOLOGY CO., LTD.

Address before: No. 18 Chaowang Road, Zhaohui Sixth District, Hangzhou City, Zhejiang Province 310014

Patentee before: Zhejiang University of Technology

TR01 Transfer of patent right

Effective date of registration: 20190912

Address after: Room 510, Building 5, No. 17-1 Chuxin Road, Gongshu District, Hangzhou City, Zhejiang Province, 310000

Patentee after: Zhejiang Planer Technology Co., Ltd.

Address before: 310000 Room 2306, Starlight International Plaza, Changhe Street, Binjiang District, Hangzhou City, Zhejiang Province

Patentee before: HANGZHOU ZHIZHOU TECHNOLOGY CO., LTD.