Research on Multicloud Access Control Policy Integration Framework

作     者：Peng Zhao Lifa Wu Zheng Hong He Sun 

作者机构：Command&Control Engineering CollegeArmy Engineering University of PLANanjing 210007China School of Computer ScienceNanjing University of Posts and TelecommunicationsNanjing 210023China PANDA Electronics Group Co.Ltd.Nanjing 210014China 

出 版 物：《China Communications》 (中国通信（英文版）)

年 卷 期：2019年第16卷第9期

页      面：222-234页

核心收录：

学科分类：08[工学] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

基　　金：supported by National Key R&D Program of China (2017YFB0802900) NUPTSF (No. NY219004) 

主　　题：Multicloud access control policyintegration four-value logic 

摘      要：Multicloud access control is important for resource sharing and security interoperability across different clouds,and heterogeneity of access control policy is an important challenge for cloud *** is widely used in distributed environment as a declaratively fine-grained,attribute-based access control policy language,but the policy integration of XACML lacks formal description and theory *** Access Control Policy Integration Framework(MACPIF)is proposed in the paper,which consists of Attribute-based Policy Evaluation Model(ABPEM),Four-value Logic with Completeness(FLC)and Four-value Logic based Policy Integration Operators(FLPIOs).ABPEM evaluates access control policy and extends XACML decision to *** to policy decision set and policy integration characteristics,we construct FLC and define FLPIOs including Intersection,Union,Difference,Implication and *** prove that MACPIF can achieve policy monotonicity,functional completeness,canonical suitability and canonical *** results show that this framework can meet the requirements of policy integration in Multicloud.