基于格理论的社交网络访问控制方法研究

项目名称： 基于格理论的社交网络访问控制方法研究

项目编号： No.61303248

项目类型： 青年科学基金项目

立项/批准年度： 2014

项目学科： 自动化技术、计算机技术

项目作者： 张颖君

作者单位： 中国科学院软件研究所

项目金额： 23万元

中文摘要： 社交网络是人类社会关系的网络化呈现，在带来信息沟通快速实时等便利的同时，也带来了用户隐私泄露、网络信息传播不可控等安全威胁。设计符合社交网络需求特点的访问控制模型是解除上述威胁的有效途径：1）授权对象需求：社交网络用户数量极其庞大且相对独立，难以对用户或角色单独授权，需从用户关系角度分析；2）特有操作需求：需充分考虑 "转发"等易引起大量策略叠加的特有操作；3）动态模糊需求：用户状态动态变化，且部分特征定义具有模糊性，需对该动态模糊特征进行分析。本项目针对社交网络新的安全需求，在分析格与社交网络相关性的基础上，研究基于格理论的访问控制方法。主要研究内容包括：基于格聚类的特征提取与量化方法，并构建基于格化特征的访问控制模型；研究访问控制策略的格化描述方法，利用格蕴涵理论进行策略合成与冲突消解；建立基于动态模糊格的索引，利用格降维理论进行请求判定；最后，构建原型系统进行实验验证与分析。

中文关键词： 访问控制；社交网络；格理论；；

英文摘要： Social networks represent real human relationships in the virtual network. It brings lots of convenience when people communicate. At the same time, it also brings threats including sensitive information leakage and arbitrary transmission. To solve these problems, we should design a new access control model that is suitable for the social networks. Firstly, we should consider authorization objects. Since the number of users in social networks is extremely large, it is hard to authorize every user or role. The relationship between users should be considered. Secondly, we should consider some special operations such as "FORWARD" that may make use of lots of policies. Thirdly, we should consider the dynamic and fuzzy characteristics. In a typical social network, user statuses in social networks are dynamic, and some definitions of characteristics are fuzzy. These special features should also be considered. This project focuses on these problems in social networks. By analyzing the relationship between lattice theory and social networks, we will first make researches on feature extraction and quantification based on lattice clusters. Then we construct an access control model based on lattice features. Secondly, we use lattice to describe different access control policies. We will also make use of lattice implication

英文关键词： Access Control；Social Networks；Lattice Theory；；