淡江大學機構典藏:Item 987654321/111160
English  |  正體中文  |  简体中文  |  Items with full text/Total items : 62830/95882 (66%)
Visitors : 4049618      Online Users : 878
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version


    Please use this identifier to cite or link to this item: https://tkuir.lib.tku.edu.tw/dspace/handle/987654321/111160


    Title: 簡易快速的雲端階層授權與強制機制模式之研究
    Other Titles: A fast and simple mandatory authorization for cloud hierarchical organization
    Authors: 韓元傑;Han, Yuan-Chieh
    Contributors: 淡江大學資訊管理學系碩士班
    李鴻璋;Lee, Hung-Chang
    Keywords: 階層式;雜湊運算;組織授權;hierarchical structure;Hash Function;organization authorization
    Date: 2016
    Issue Date: 2017-08-24 23:45:29 (UTC+8)
    Abstract: 本論文將基礎的強制型存取控制機制,推展到雲端企業階層式組織型態中。不只資源取用者機密等級要高,而且取用者在階層式組織中也要高於被取用資源。以一個金鑰轉換中心(KDC)做為初始各個階層與使用者的金鑰分配,並公布組織結構表,之後各個使用者便可藉由組織結構表與雜湊運算的方式進行機密等級與階層式授權金鑰的快速推導。
    被授權者必須從兩個層次的機密屬性中得到最後的解密金鑰完成授權。本論文提出一個強化強制型存取控制(MACH)機制,擁有速度極快、強制型與階層式的保護、結構變化少的優點。我們將會與AKL, Lo-Hwang-Liu和蔡佳勳等學者的機制進行比較,我們的機制使用雜湊運算與其他學者所使用的模指數運算在相同安全等級的運算過程中速度差距可達數千倍(BruceSchneier, 1986),以快速的階層授權結合基礎的強制型存取控制來對企業組織的內部完成資訊分級授權。
    This study proposes a basic mandatory access control in cloud hierarchical structure. It considers not only user''s secret level higher than that of file but also the hierarchy levels that users belong to. In the proposed system, Key Derivation Center (KDC) was used for making the first initial private keys generation and their distribution for each group. After that, a table called RAI (Relation-And-ID) associated with related parameters is open. Users can used RAI and hash function to derive the keys that been authorized.

    The user are authorized by the two levels of secret attributes(naming the user level and the group hierarchy) . This study proposes a mandatory access control for organization of hierarchical structure, delivers a much fast operation in cloud hierarchical organization, and affects less parameters when the hierarchical structure changes. The proposed mechanism is also compared with AKL, Lo-Hwang-Liu, and Chia-Hsun Tsai. Besides differences in dealing with the comparison among the parameters, the procedure, and the various hierarchical structures, our mechanism use the hash function as a core calculation, while the other three researches use the modular exponentiation operation. As indicated in (BruceSchneier, 1986), hash function, in the same security level, is faster than modular exponentiation operation by thousands of times. Therefore, our system can attains both a fast hierarchical authorized and basic mandatory access control to secure the authorized information in most business organization.
    Appears in Collections:[Graduate Institute & Department of Information Management] Thesis

    Files in This Item:

    File Description SizeFormat
    index.html0KbHTML87View/Open

    All items in 機構典藏 are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - Feedback