KEYWORDS: Data modeling, Computer security, Control systems, Network security, Data transmission, Data processing, Data storage, Data fusion, Systems modeling, Lithium
In this paper, an extended access control mechanism is proposed for controlled sharing of data after data flow in complex network environment, which provides more secure, efficient and personalized data access methods, ensuring that users can flexibly obtain data that meet their requirements. The proposed control mechanism is divided into two categories: constraint control and propagation control. Among them, constraint control solves the problem of access authorization of data before access request by the access request entity, and propagation control is used for extended control of data after data leave the data center. The proposed mechanism realizes direct and indirect access control of data, and takes the whole life control of electronic invoices as an example to show the implementation method of the proposed mechanism.
KEYWORDS: Data modeling, Computer security, Machine learning, Process control, Data privacy, Control systems, Matrices, Clouds, Network security, Telecommunications
Under the background of digital transformation, all kinds of personnel often carry out data analysis and data product development through remote terminals. Once the end user has obtained the data access rights, the middle platform cannot limit the end user's data viewing and copying behavior. However, the current protection measures can only achieve static access control and internal circulation protection, and cannot extend the control and protection of user access behavior. In this paper, a dynamic data access control model supporting multi-link transfer and multi-level inheritance is proposed, and the technical characteristics and model framework of the model are introduced in detail. At the same time, the flow of access control, the dynamic change of permissions, the transfer and inheritance of permissions under tree rules are given in a specific scenario. Finally, the experimental analysis of the model proves that the model can realize the dynamic security protection and fine-grained access control of terminal data.
Access to the requested content is limited to institutions that have purchased or subscribe to SPIE eBooks.
You are receiving this notice because your organization may not have SPIE eBooks access.*
*Shibboleth/Open Athens users─please
sign in
to access your institution's subscriptions.
To obtain this item, you may purchase the complete book in print or electronic format on
SPIE.org.
INSTITUTIONAL Select your institution to access the SPIE Digital Library.
PERSONAL Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.