| With the rapid development of information construction in e-government system,security risks and threats to resources and infrastructure construction in governmentIntranet are increasing. Under this environment the traditional access control modelscannot meet the security demand of inter-domain interoperation, and how to achievethe inter-domain interoperation is an urgent problem to be solved during thecross-domain access with ensuring the security of the resources in domains.The existing role based secure interoperation models is studied and analyzed inthe paper. For the neglect of the security risks caused by the user environment in theexisting inter-domain interoperation security model, a trust level and role accesscontrol model(TLRBAC) is proposed in cross-domain access. User trust level,platform trust level and domain trust level are introduced, the method of inter-domaininteroperation is constituted in the model. Secure interoperation theorem based onTLRBAC model is proposed and proved. Using the trust level evaluation value ofsecure domain, user and platform, a dynamic trust relationship process is established inthe interoperation process, which is to achieve a dynamic cross-domain authenticationand protect the privacy of the user and platform environment effectively. The conflicttypes and reasons when using TLRBAC model during inter-domain interoperation arealso studied. The conflict detect and dispel methods are proposed, they are also beverified and simulated. Finally, a cross-domain access control system based onTLRBAC model within the Intranet is designed, and some key modules of the systemare also achieved. |
PDF Full Text Request