面向开放式网络的动态博弈访问控制模型与方法

项目名称： 面向开放式网络的动态博弈访问控制模型与方法

项目编号： No.61272500

项目类型： 面上项目

立项/批准年度： 2013

项目学科： 自动化技术、计算机技术

项目作者： 何泾沙

作者单位： 北京工业大学

项目金额： 80万元

中文摘要： 访问控制是保护计算机和网络中信息、资源和服务的一项关键安全技术，按照设置的安全策略对用户的访问请求进行控制。由于开放式网络中用户身份的随意性和不可控性，传统的主要基于身份或角色的访问控制已无法完全满足安全要求。访问控制成为开放式网络中亟待解决的关键安全问题之一及研究热点。本课题引入信任机制，研究开放式网络中访问控制关键技术问题，设计基于信任的动态博弈访问控制模型与方法。研究中运用博弈理论，通过分析访问主体和客体之间的博弈关系和过程，建立动态访问控制模型；基于模糊数学理论研究和解决信任量化问题；基于访问控制策略提出信任值到访问权限的动态映射方法；最后，运用并行计算理论研究对并发访问进行控制的问题，提出解决问题的相关理论和方法。研究中设计的开放式网络环境中基于信任的动态博弈访问控制模型与方法能够确保访问控制机制对开放式网络中的信息、资源和服务提供更加有效的安全保护并能够有效遏制恶意访问或攻击。

中文关键词： 网络安全；访问控制；信任；博弈论；无线传感器网络

英文摘要： Access control is a key technology for the protection of information, resources and services in computer systems and networks which controls user access based on specified access control policies or rules. Due to the unpredictability and uncontrolability of user identities in open network environments, traditional identity-based or role-based access control models and methods can no longer completely meet the access control requirements. Access control in open network environments has become a serious problem and thus a hot research topic. In this research, we introduce the notion of trust and develop key technologies for access control in open network environments and develop trust-based access control models and methods based on game theory. In this research, we study the problem of dynamic access control model by applying game theory to analyze the relationship between the requestor and the resource owner as well as the process of gaining access by the requestor; solve the problem of trust qualification by relying on the theory of fuzzy mathematics; and solve the problem of dynamic mapping of trust values to access rights according to access control policies or rules. Based on the above theories and methods we develop, we lastly study the problem of controlling parallel accesses by applying relevant theories

英文关键词： Network Security；Access Control；Trust；Game Theory；Wireless Sensor Networks