The Research Of Access Control Model Under Mobile Environment

Access control technology is one of the traditional research topics in the field of computer security.With the rapid spread of mobile networks,it is difficult for the traditional access control model to meet the needs of flexibility and security.In order to solve the problem,this paper studied the related theories,including mobile Internet,access control technology and trust theory,and then proposed an access control model for mobile environments.The study elaborated the structure of the model,defined the objects involved in the model,described two important modules—the user's trust value module and the resource's life cycle module,explained the overall work flow of the model,as a result,the realization mechanism of the model is explained clearly.The innovations of this paper include the following three points:(1)The study proposed a two-level concept.One is the influence factors of the mobile users' trust value,another is the influence elements of the mobile users' trust value.Influence elements is subordinates to the influence factors.The impact factors include three categories,they are time attribute,location attribute and user behaviors of mobile users.The influence elements include ten categories,such as the average lasting time of user's access and the average distance from the user to the safe position,which providing the basis for calculating the mobile user's trust value.(2)The study proposed the formula for calculating the mobile user's trust value.On the one hand,the formula can reflect the current context of the mobile users.On the one hand,it can also reflect their historical operation behaviors.As a result,the formula describes the change trend of the mobile user's trust value in a mathematical way under different environments.(3)The study combined the mobile user's trust value with the resource's life cycle and then proposed a mechanism of the changing of the user's privilege set.This mechanism can not only grant appropriate rights to legitimate users through the mobile user's trust value,but also limits the users who maliciously accumulate trust value and break resources.Finally,in this paper,experiments are carried out to simulate the adjustment of mobile users' trust value and their permission sets.The first experiment has proved that the calculation method of the mobile user's trust value proposed in the study can effectively reflect the mobile user's environment as well as the user's behavior history;the second experiment has verified that the proposed access control model had a stronger ability of confidentiality and flexibility.More importantly,the one who has achieved the high trust value cannot freely break the valuable data.