Self-adaptive access control method for big data resources

Abstract

The invention discloses a self-adaptive access control method for big data resources, which comprises the following steps of: constructing an adaptive access control model AACM-BC based on a service constraint by introducing the service constraint and a user intention based on an ABAC model; performing management of entity attribute information and access control strategy information involved in an access control process in a preparation stage based on the AACM-BC; carrying out judgment, response and execution of the access request in the execution stage; and performing conventional permissionjudgment based on logic calculation, if the judgment result is access forbidding, directly returning a judgment response of access forbidding, and if the judgment result is access permission, performing LSTM-based service permission judgment, the result of service permission judgment being a final result of permission judgment. According to the invention, the problems existing in big data resource access control in the prior art can be effectively solved.

Description

technical field [0001] The invention relates to the technical field of big data resource access, in particular to an adaptive access control method for big data resources. Background technique [0002] In recent years, with the continuous development of emerging technologies such as cloud computing and the Internet of Things, these new technologies have generated massive data resources in people's production and life. The era of big data has quietly arrived, and the social changes brought about by big data have already Going deep into all aspects of production and life, data has become a treasure trove of assets that can flow. Through the analysis and utilization of big data resources, huge social and economic value can be created, and the greater the amount of data and the wider the source, the generated value is also great. However, while big data brings new development opportunities, it also faces severe security challenges. Unauthorized sharing of big data will pose a hu...

AI Technical Summary

Problems solved by technology

[0002] In recent years, with the continuous development of emerging technologies such as cloud computing and the Internet of Things, these new technologies have generated massive data resources in people's production and life. The era of big data has quietly arrived, and the social changes brought about by big data have already Going deep into all aspects of production and life, data has become a treasure trove of assets that can flow. Through the analysis and utilization of big data resources, huge social and economic value can be created, and the greater the amount of data and the wider the source, the generated value is also great. However, while big data brings new development opportunities, it also faces severe security challenges. Unauthorized sharing of big data will pose a huge security threat to users' own data. Controlled circulation and sharing of big data resources is the premise and basis for big data applications and their development.

[0003] As an important means of protecting data security, access control technology enables legitimate users to access corresponding resources in the system according to their own permissions through the management of user permissions, and prohibits unauthorized access to data by illegal users, thereby effectively protecting data. Security and the normal operation of business systems, therefore, it is urgent to take effective access control measures to protect the security and controllable sharing of big data resources. However, big data resources have the characteristics of large data volume, strong dynamics, and wide sources, which make The management scenarios of big data are more complicated, the security requirements become more diverse, and the traditional static access control technology is difficult to apply. The following challenges exist in the current big data access control: Efficient policy management of resources poses a challenge to the implementation of dynamic access control. In existing access control methods, policy management is inseparable from specific application scenarios, and security managers need to manually formulate access control based on professional knowledge. strategy, so as to realize the protection of data resources. In a closed environment, it is safe and feasible to carry out manual policy management in the face of limited data resources. However, in an open big data environment, facing massive and dynamically changing Manual policy management of data resources is a labor-intensive task with a huge workload and difficult to achieve;

[0004] It is difficult to accurately describe the access control strategy of multi-source big data resources, which poses a challenge to the implementation of fine-grained access control. Big data resources themselves have a low value density, and their core value does not lie in a single data resource itself , but because the analysis results obtained after the analysis and utilization of massive data have a higher value density. At the same time, massive big data has the characteristics of multi-source aggregation, cooperation and sharing, which increases the difficulty of access control policy formulation and authorization management. , the phenomenon of over-authorization and insufficient authorization is becoming more and more serious. How to judge "which users are allowed to access which resources" itself is a very professional and difficult to describe accurately in the context of big data. Therefore, in order to maintain the system Usability, these systems often use excessive authorization. In addition, due to the complexity of big data and its applications, some new access requirements are often not considered in advance by security managers. In order to better protect resource security, user authorization There are more and more deficiencies

Images