Research On Access Control Using Purpose And Rule Resoning For Data Base

With the rapid development of human beings into the information society,database technology has been more applied to the production and life of human beings,which is used as a tool for data storage.Database provides people with convenient services,but at the same time,the security of privacy data in the database is also growing.In order to solve this problem,the database research community put forward the use of the purpose of access as the decision condition of the database access control,and then put forward an access control model based on the purpose.However,with the continuous deepening of the application scenarios,the source control of access purpose is gradually exposed.Based on the existing access control technology researches,this thesis mainly aiming at the existing problems in the purpose based access control model research.The specific work and research results are as follows:(1)For the problem of hard binding of access request and purpose in existing access control model,a purpose and rule reasoning based access control model(PCRAC)is proposed.The model introduces the concept of purpose rule.In the process of accessing the database,the context information carried by user’s request trigger the corresponding purpose rules,the rule triggered assign access purpose to the current request.In this way,the dynamic binding between the access request and the access purpose is achieved.The experimental results show that the PCRAC model proposed in this thesis can effectively identify the malicious access request.(2)In order to improve the PCRAC model’s purpose rule set generation method,a purpose rule mining method is proposed.Through frequent rules mining of user’s access records,a set of purpose rules are generated to describe the normal behavior profile of the user.Through experiments,it shows that,under the suitable parameter condition,the target rule set which is constructed by this method can accurately identify the abnormal behavior of users.(3)Based on the research of the purpose based access control model on database,we propose a purpose based privacy data security mechanism in cloud database,which is applied in Security HBase as the access control module.The improved HBase can make up the weak access control ability of the existing cloud database,and solve the problem of the control mechanism of the privacy data access.With the effectiveness experiment,it shows that the privacy data access control mechanism can provide effective privacy protection based on the high performance and scalability of the cloud database.