CN105871880A - Cross-tenant access control method based on trust model in cloud environment - Google Patents

Info

Publication number: CN105871880A (granted version: CN105871880B)
Application number: CN201610303258.8A
Authority: CN (China)
Language: Chinese (zh)
Prior art keywords: tenant, user, relationship, trust, users
Inventors: 邹德清 (Zou Deqing), 金海 (Jin Hai), 闵军 (Min Jun)
Assignee (current and original): Huazhong University of Science and Technology
Legal status: Granted, active (the status, assignees and dates are Google's assumptions, not a legal conclusion)

Timeline
2016-05-10  Application filed by Huazhong University of Science and Technology; priority to CN201610303258.8A
2016-08-17  Publication of CN105871880A
2018-11-06  Application granted; publication of CN105871880B

Classifications

All under H (Electricity) > H04 (Electric communication technique) > H04L (Transmission of digital information, e.g. telegraphic communication):

    • H04L 63/10: Network architectures or network communication protocols for network security, for controlling access to devices or network resources (under H04L 63/00)
    • H04L 63/0892: Network security, authentication of entities (H04L 63/08) by using authentication-authorization-accounting [AAA] servers or protocols
    • H04L 67/10: Network arrangements or protocols for supporting network services or applications (H04L 67/00), protocols (H04L 67/01) in which an application is distributed across nodes in the network

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a cross-tenant access control method based on a trust model in a cloud environment. Aimed at the multi-tenant architecture of cloud computing, it lets a user of one tenant access the resources of other tenants after appropriate authorization, addressing the resource security and privacy problems raised by collaboration between tenants. By defining two types of tenant trust relationship, the concept of a tenant trust relationship is introduced into the access control model to capture the access control requirements between two tenants. A tenant trust model is then constructed through the definition of model elements and a formal description of model functions, adapting to the multi-tenant nature of cloud computing and realizing cross-tenant access control.

Description

A cross-tenant access control method based on a trust model in a cloud environment

Technical field

The invention belongs to the field of cloud computing information security and, more specifically, relates to a cross-tenant access control method based on a trust model in a cloud environment.

Background

Cloud computing is one of the hottest topics in information technology today and a focus for academia, industry and government alike. Its core idea is to link large numbers of computing, storage and software resources into a huge shared pool of virtual IT resources. Multi-tenancy, which lets different users share the same resources, is the key technology adopted by cloud computing and the main reason resources can be scaled dynamically and used fully. While multi-tenancy delivers cloud services through on-demand customization and shared storage, it also faces new challenges: 1. unauthorized tenants steal information to obtain business secrets; 2. tenants holding partial permissions access resources beyond their authorization; 3. the cloud service provider may leak tenants' business information to outsiders. It is therefore necessary to solve the controllability problem of the complex interactions between these entities and to protect the security and privacy of tenant information by effectively controlling tenants' access rights.

Academia has begun researching access control techniques for cloud computing environments, concentrating on access control models for the cloud, access control based on encryption mechanisms, and virtual machine access control. In a cloud resource pool, however, logical security domains replace the physical security boundaries of traditional architectures, so a tenant's cloud resources lose the protection of a physical boundary, and the access control models developed for earlier distributed environments do not fit cross-boundary tenant collaboration in the cloud.

Summary of the invention

In view of the above defects of, or needs for improvement in, the prior art, the present invention provides a cross-tenant access control method based on a trust model in a cloud environment. Its purpose is to introduce tenant trust relationships into the access control model so that a user of one tenant can, after appropriate authorization, access the resources of other tenants, thereby solving the resource security and privacy problems brought about by collaboration between tenants.

To achieve the above object, according to one aspect of the present invention, a cross-tenant access control method based on a trust model in a cloud environment is provided, comprising the following steps:

(1) A user sends an access request. The tenant receiving the request determines whether the user belongs to that tenant; if so, it calls the intra-tenant permission assignment function of the tenant trust model and proceeds to step (6); otherwise it proceeds to step (2).

(2) Determine whether the tenant to which the user belongs has established a trust relationship with the tenant receiving the request; if so, proceed to step (3), otherwise the process ends.

(3) Determine the type of the trust relationship between the user's tenant and the receiving tenant; if it is the first type, proceed to step (4); if it is the second type, proceed to step (5).

(4) The tenant receiving the request calls the cross-tenant permission assignment function of the tenant trust model, grants permissions to the requesting user, and proceeds to step (6).

(5) The tenant to which the requesting user belongs calls the cross-tenant permission assignment function of the tenant trust model, obtains permissions from the receiving tenant, grants them to the user, and proceeds to step (6).

(6) The user performs the access operation with the granted permissions.

Preferably, the tenant trust model has the following model elements:

Tenants, which are the enterprises, departments or organizations that use cloud services;

Users, which are the subjects that access tenant resources in the cloud platform. Each user has exactly one owner tenant, while a tenant has many users. Users access tenant resources according to the permissions granted to them and perform the related business processing.

Permissions, each of which is a standardized privilege existing within a tenant. Each permission has exactly one owner tenant, while a tenant has many permissions.

Preferably, if the trust relationship is of the first type, then once it is established tenant A may disclose some or all of its user information to tenant B, so that tenant B can assign tenant B's permissions to tenant A's users on the basis of that user information, completing the cross-tenant authorization assignment. If the trust relationship is of the second type, then once it is established tenant A may delegate control of authorization assignment to tenant B, so that tenant B can assign tenant A's permissions to users within tenant B, completing the cross-tenant authorization assignment.

Preferably, the tenant trust model has the following functions, which express the relationships between model elements:

(1) Trust establishment: a binary relation over Tenants × Tenants.

(2) Tenant user creation: a binary relation between the tenant set Tenants and the user set Users. Tenants and users are in a one-to-many relationship: a tenant can have many users, and a user belongs to exactly one tenant.

(3) Tenant permission creation: a binary relation between the tenant set Tenants and the permission set Permissions. Tenants and permissions are in a one-to-many relationship: a tenant can have many permissions, and a permission belongs to exactly one tenant.

(4) Intra-tenant permission assignment: a binary relation between the permission set Permissions and the user set Users within one tenant. Users and permissions are in a many-to-many relationship: a user can have many permissions, and a permission can be assigned to many users. User-permission assignments are specified by the tenant administrator.

(5) Cross-tenant permission assignment: a binary relation between the user set of one tenant and the permission set of another tenant. Users and permissions are in a many-to-many relationship: a user can have many permissions, and a permission can be assigned to many users.

Preferably, tenant trust relationships fall into two types:

(1) The trustor discloses its user information to the trustee, and the trustee assigns its own permissions to the trustor's users on the basis of that information.

(2) The trustor delegates control of cross-tenant authorization assignment to the trustee, and the trustee obtains access permissions from the trustor.

Preferably, a tenant trust relationship has the following properties:

(1) A tenant trust relationship is a binary relation between tenants, directed from the trustor to the trustee.

(2) A tenant always trusts itself; access within a tenant's own domain is not affected by trust relationships.

(3) To control the propagation and activation of trust, a trust relationship can only be established when initiated by the trustor and agreed to by the trustee; it cannot be inferred indirectly from a combination of other trust relationships.

(4) Trust relationships are unidirectional and independent in each direction. A single tenant can be the trustor in one relationship and the trustee in another.

In general, compared with the prior art, the above technical solution conceived by the present invention achieves the following beneficial effects:

(1) The invention suits scenarios of collaboration between tenants of a cloud platform. In the user identification part, steps (1) and (2) let a tenant choose the appropriate access control scheme according to the user's situation, realizing fine-grained access control at the granularity of the tenant and meeting the diverse requirements of a cloud environment.

(2) The invention addresses the security and privacy problems of cross-tenant access. Because of steps (3), (4) and (5), a user can be granted access to another tenant's resources only when a trust relationship has been established between the tenants; this realizes cross-tenant access control and lets tenants offer individualized services.

(3) The invention is reasonably designed, simple in structure and flexible to configure. Existing access control models can be further extended on the basis of this method, so it has good value for wider adoption.

Description of the drawings

Figure 1 is a flowchart of the cross-tenant access control method based on a trust model in a cloud environment according to the present invention;

Figure 2 is a schematic diagram of the tenant trust model involved in the present invention.

Detailed description

To make the objectives, technical solutions and advantages of the present invention clearer, the invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only intended to explain the invention, not to limit it. In addition, the technical features of the various embodiments described below may be combined with each other as long as they do not conflict.

As shown in Figure 1, the cross-tenant access control method based on a trust model in a cloud environment according to the present invention comprises the following steps:

(1) A tenant receives an access request sent by a user and determines whether the user belongs to that tenant; if so, it calls the intra-tenant permission assignment function of the tenant trust model and proceeds to step (6); otherwise it proceeds to step (2).

(2) Determine whether the tenant to which the user belongs has established a trust relationship with the tenant receiving the request; if so, proceed to step (3), otherwise the process ends.

(3) Determine the type of the trust relationship between the user's tenant and the receiving tenant; if it is the first type, proceed to step (4); if it is the second type, proceed to step (5).

(4) The tenant receiving the request calls the cross-tenant permission assignment function of the tenant trust model, grants permissions to the requesting user, and proceeds to step (6).

(5) The tenant to which the requesting user belongs calls the cross-tenant permission assignment function of the tenant trust model, obtains permissions from the receiving tenant, grants them to the user, and proceeds to step (6).

(6) The user performs the access operation with the granted permissions.

As shown in Figure 2, the tenant trust model of the present invention has the following model elements:

(1) Tenants: the enterprises, departments or organizations that use cloud services, written Tenants = {t1, t2, …, tn}, the set of all tenants. In practice a tenant is usually mapped to a dedicated virtual domain for the cloud services it leases; the activities and resource access of cloud users are defined within a tenant domain.

(2) Users: the subjects that access tenant resources in the cloud platform, written Users = {u1, u2, …, un}, the set of all users. Each user has exactly one owner tenant, while a tenant has many users. Users access tenant resources according to the permissions granted to them and perform the related business processing.

(3) Permissions: a permission is a standardized privilege existing within a tenant, written Permissions = {p1, p2, …, pn}, the set of all permissions. Each permission has exactly one owner tenant, while a tenant has many permissions.

The tenant trust model has the following functions, which express the relationships between model elements:

(1) Trust establishment: a binary relation over Tenants × Tenants.

Tenant trust relationships fall into two types:

1-1) The trustor discloses its user information to the trustee, and the trustee assigns its own permissions to the trustor's users on the basis of that information.

1-2) The trustor delegates control of cross-tenant authorization assignment to the trustee, and the trustee obtains access permissions from the trustor.

(2) Tenant user creation: a binary relation TU ⊆ Users × Tenants. Tenants and users are in a one-to-many relationship: a tenant can have many users, and a user belongs to exactly one tenant. Correspondingly, the function userOwner(u) maps a user to its owner tenant: userOwner(u) = t when (u, t) ∈ TU.

(3) Tenant permission creation: a binary relation TP ⊆ Permissions × Tenants. Tenants and permissions are in a one-to-many relationship: a tenant can have many permissions, and a permission belongs to exactly one tenant. Correspondingly, the function permOwner(p) maps a permission to its owner tenant: permOwner(p) = t when (p, t) ∈ TP.

(4) Intra-tenant permission assignment: a binary relation between the permission set Permissions and the user set Users within one tenant. Users and permissions are in a many-to-many relationship: a user can have many permissions, and a permission can be assigned to many users. User-permission assignments are specified by the tenant administrator.

(5) Cross-tenant permission assignment: a binary relation between the user set of one tenant and the permission set of another tenant. Users and permissions are in a many-to-many relationship: a user can have many permissions, and a permission can be assigned to many users. Assigning a permission to a user across tenants requires that one of the two trust relationship types defined under (1) above exist between the two tenants.
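The model functions above (userOwner, permOwner, intra-tenant and cross-tenant assignment) together with the six-step decision of Figure 1 and the trust properties of claim 6, as an added runnable example in Python. This is not the patent's code. TU, TP, userOwner and permOwner follow the page; the class and method names, the relation names TT, PA and CPA, the pending-proposal table, and the tenants A, B and C with their users and permissions are this example's own assumptions, as is the convention that the trustor is the tenant whose resources flow outward in type 2 and the tenant whose users flow outward in type 1.

```python
from enum import Enum


class TrustType(Enum):
    DISCLOSE_USERS = 1    # type 1: trustor discloses users; trustee grants its own permissions
    DELEGATE_CONTROL = 2  # type 2: trustor delegates control; trustee grants the trustor's permissions


class TenantTrustModel:
    def __init__(self):
        self.TU = {}        # user -> owner tenant       (userOwner; (u,t) in TU)
        self.TP = {}        # permission -> owner tenant (permOwner; (p,t) in TP)
        self.PA = set()     # intra-tenant (user, permission) assignments
        self.CPA = set()    # cross-tenant (user, permission) assignments
        self.TT = {}        # (trustor, trustee) -> TrustType, established
        self.pending = {}   # (trustor, trustee) -> TrustType, awaiting consent

    def create_user(self, tenant, u):
        if self.TU.setdefault(u, tenant) != tenant:    # one owner tenant per user
            raise ValueError(f"user {u} already belongs to {self.TU[u]}")

    def create_permission(self, tenant, p):
        if self.TP.setdefault(p, tenant) != tenant:    # one owner tenant per permission
            raise ValueError(f"permission {p} already belongs to {self.TP[p]}")

    def userOwner(self, u):
        return self.TU[u]

    def permOwner(self, p):
        return self.TP[p]

    # trust lifecycle: the trustor proposes, the trustee consents, direction matters
    def propose_trust(self, trustor, trustee, ttype):
        self.pending[(trustor, trustee)] = ttype

    def accept_trust(self, trustee, trustor):
        ttype = self.pending.pop((trustor, trustee), None)
        if ttype is None:
            raise PermissionError(f"no proposal from {trustor} to {trustee}")
        self.TT[(trustor, trustee)] = ttype

    def revoke_trust(self, trustor, trustee):
        self.TT.pop((trustor, trustee), None)
        self.CPA = {(u, p) for (u, p) in self.CPA      # drop grants that relied on it
                    if self._trust_path(self.userOwner(u), self.permOwner(p))}

    def assign_intra(self, admin_tenant, u, p):         # function (4)
        if not (self.userOwner(u) == admin_tenant == self.permOwner(p)):
            raise PermissionError("user, permission and admin must share one tenant")
        self.PA.add((u, p))

    def _trust_path(self, user_tenant, owner_tenant):
        """Trust type letting owner_tenant's permissions reach user_tenant's users, and
        the tenant that performs the grant. Only a direct entry counts: no chaining."""
        if self.TT.get((user_tenant, owner_tenant)) is TrustType.DISCLOSE_USERS:
            return TrustType.DISCLOSE_USERS, owner_tenant    # step (4): owner grants
        if self.TT.get((owner_tenant, user_tenant)) is TrustType.DELEGATE_CONTROL:
            return TrustType.DELEGATE_CONTROL, user_tenant   # step (5): user's tenant grants
        return None

    def assign_cross(self, acting_tenant, u, p):        # function (5)
        ut, pt = self.userOwner(u), self.permOwner(p)
        path = self._trust_path(ut, pt) if ut != pt else None
        if path is None or path[1] != acting_tenant:
            raise PermissionError(f"{acting_tenant} may not assign {p} to {u}")
        self.CPA.add((u, p))

    def check_access(self, receiving_tenant, u, p):
        """Steps (1)-(6): returns (granted, reason) for user u requesting p from receiving_tenant."""
        if self.permOwner(p) != receiving_tenant:
            return False, "permission not owned by receiving tenant"
        ut = self.userOwner(u)
        if ut == receiving_tenant:                           # step (1): a tenant trusts itself
            return (u, p) in self.PA, "intra-tenant"
        path = self._trust_path(ut, receiving_tenant)         # steps (2) and (3)
        if path is None:
            return False, "no trust relationship"
        ttype, actor = path
        self.assign_cross(actor, u, p)                        # step (4) or (5)
        return True, f"cross-tenant type {ttype.value} via {actor}"   # step (6)


def demo():
    # Constructed scenario, not from the patent: tenants A, B, C with one user each.
    m = TenantTrustModel()
    for t, u in (("A", "alice"), ("B", "bob"), ("C", "carol")):
        m.create_user(t, u)
    m.create_permission("A", "read:A-reports")
    m.create_permission("B", "read:B-wiki")
    m.assign_intra("A", "alice", "read:A-reports")
    m.propose_trust("A", "B", TrustType.DISCLOSE_USERS)    # type 1: A discloses users to B
    m.accept_trust("B", "A")
    m.propose_trust("A", "C", TrustType.DELEGATE_CONTROL)  # type 2: A delegates control to C
    m.accept_trust("C", "A")
    return m
```

demo() returns a populated model; check_access(receiving_tenant, user, permission) runs the decision, so with the scenario above alice reaches B's wiki through the type 1 trust, carol reaches A's reports through the type 2 trust, and bob is denied in A because the A→B trust runs the other way. Two caveats a practitioner should carry into a real deployment: as the patent describes them, steps (4) and (5) create a permission at request time rather than at administration time, so every such grant should be logged and revocation (shown here by pruning CPA) must be wired to the trust record; and once the trust type authorizes the acting tenant this model grants any permission of the resource owner, so a production implementation should scope each trust relationship to an explicit permission set.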

Example

(1) Tenant registration

An enterprise tenant intends to use the tenant trust relationship management service offered by the cloud service provider. It first applies to the provider through the registration process and records its tenant information (company name, address, telephone and so on); it then supplies the tenant administrator's information (this administrator is later used to create the tenant's internal users and to assign permissions) and selects the specific functional modules of the trust relationship management service, such as request, approve and revoke.

(2) Internal access control modelling

The tenant administrator chooses one of the three access control types offered by the cloud service provider (discretionary access control, mandatory access control or role-based access control) to complete the modelling of the tenant's internal access control.

(3) Cross-tenant access control modelling

When tenant A needs to collaborate with tenant B, tenant A issues a trust request; once tenant B approves it, the two establish a trust relationship through the tenant trust relationship management service. Tenant A is the trustor and tenant B is the trustee.

If the trust relationship is of the first type, then once it is established tenant A may disclose some or all of its user information to tenant B, so that tenant B can assign tenant B's permissions to tenant A's users on the basis of that user information, completing the cross-tenant authorization assignment.

If the trust relationship is of the second type, then once it is established tenant A may delegate control of authorization assignment to tenant B, so that tenant B can assign tenant A's permissions to users within tenant B, completing the cross-tenant authorization assignment.

Those skilled in the art will readily understand that the above are only preferred embodiments of the present invention and are not intended to limit it; any modification, equivalent replacement or improvement made within the spirit and principles of the invention shall fall within its scope of protection.

Claims (6)

1. A cross-tenant access control method based on a trust model in a cloud environment, characterized by comprising the following steps:
(1) A user sends an access request. The tenant receiving the request determines whether the user belongs to that tenant; if so, it calls the intra-tenant permission assignment function of the tenant trust model and proceeds to step (6); otherwise it proceeds to step (2).
(2) Determine whether the tenant to which the user belongs has established a trust relationship with the tenant receiving the request; if so, proceed to step (3), otherwise the process ends.
(3) Determine the type of the trust relationship between the user's tenant and the receiving tenant; if it is the first type, proceed to step (4); if it is the second type, proceed to step (5).
(4) The tenant receiving the request calls the cross-tenant permission assignment function of the tenant trust model, grants permissions to the requesting user, and proceeds to step (6).
(5) The tenant to which the requesting user belongs calls the cross-tenant permission assignment function of the tenant trust model, obtains permissions from the receiving tenant, grants them to the user, and proceeds to step (6).
(6) The user performs the access operation with the granted permissions.

2. The cross-tenant access control method according to claim 1, characterized in that the tenant trust model has the following model elements:
tenants, which are the enterprises, departments or organizations that use cloud services;
users, which are the subjects that access tenant resources in the cloud platform, each user having exactly one owner tenant while a tenant has many users, and users accessing tenant resources according to the permissions granted to them to perform the related business processing;
permissions, each of which is a standardized privilege existing within a tenant, each permission having exactly one owner tenant while a tenant has many permissions.

3. The cross-tenant access control method according to claim 2, characterized in that, if the trust relationship is of the first type, then once it is established tenant A may disclose some or all of its user information to tenant B, so that tenant B can assign tenant B's permissions to tenant A's users on the basis of that user information, completing the cross-tenant authorization assignment; and if the trust relationship is of the second type, then once it is established tenant A may delegate control of authorization assignment to tenant B, so that tenant B can assign tenant A's permissions to users within tenant B, completing the cross-tenant authorization assignment.

4. The cross-tenant access control method according to claim 3, characterized in that the tenant trust model has the following functions, which express the relationships between model elements:
(1) Trust establishment: a binary relation over Tenants × Tenants.
(2) Tenant user creation: a binary relation between the tenant set Tenants and the user set Users; tenants and users are in a one-to-many relationship, a tenant can have many users, and a user belongs to exactly one tenant.
(3) Tenant permission creation: a binary relation between the tenant set Tenants and the permission set Permissions; tenants and permissions are in a one-to-many relationship, a tenant can have many permissions, and a permission belongs to exactly one tenant.
(4) Intra-tenant permission assignment: a binary relation between the permission set Permissions and the user set Users within one tenant; users and permissions are in a many-to-many relationship, a user can have many permissions, and a permission can be assigned to many users. User-permission assignments are specified by the tenant administrator.
(5) Cross-tenant permission assignment: a binary relation between the user set of one tenant and the permission set of another tenant; users and permissions are in a many-to-many relationship, a user can have many permissions, and a permission can be assigned to many users.

5. The cross-tenant access control method according to claim 4, characterized in that tenant trust relationships fall into two types:
(1) The trustor discloses its user information to the trustee, and the trustee assigns its own permissions to the trustor's users on the basis of that information.
(2) The trustor delegates control of cross-tenant authorization assignment to the trustee, and the trustee obtains access permissions from the trustor.

6. The cross-tenant access control method according to claim 5, characterized in that a tenant trust relationship has the following properties:
(1) A tenant trust relationship is a binary relation between tenants, directed from the trustor to the trustee.
(2) A tenant always trusts itself; access within a tenant's own domain is not affected by trust relationships.
(3) To control the propagation and activation of trust, a trust relationship can only be established when initiated by the trustor and agreed to by the trustee; it cannot be inferred indirectly from a combination of other trust relationships.
(4) Trust relationships are unidirectional and independent in each direction. A single tenant can be the trustor in one relationship and the trustee in another.
CN201610303258.8A 2016-05-10 2016-05-10 Across tenant access control method based on trust model under a kind of cloud environment Active CN105871880B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610303258.8A CN105871880B (en) 2016-05-10 2016-05-10 Across tenant access control method based on trust model under a kind of cloud environment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610303258.8A CN105871880B (en) 2016-05-10 2016-05-10 Across tenant access control method based on trust model under a kind of cloud environment

Publications (2)

Publication Number Publication Date
CN105871880A true CN105871880A (en) 2016-08-17
CN105871880B CN105871880B (en) 2018-11-06

Family

ID=56631592

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610303258.8A Active CN105871880B (en) 2016-05-10 2016-05-10 Across tenant access control method based on trust model under a kind of cloud environment

Country Status (1)

Country Link
CN (1) CN105871880B (en)


Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101242277A (en) * 2008-03-11 2008-08-13 南京邮电大学 Trust-Based Authorization and Delegation Method in Grid Environment
CN101453476A (en) * 2009-01-06 2009-06-10 中国人民解放军信息工程大学 Cross domain authentication method and system
CN101729321A (en) * 2009-12-22 2010-06-09 北京理工大学 Dynamic cross-domain access control method based on trust evaluation mechanism
WO2012004185A1 (en) * 2010-07-08 2012-01-12 International Business Machines Corporation Resource access management
CN101888341A (en) * 2010-07-20 2010-11-17 上海交通大学 Access Control Method Based on Computable Reputation in Distributed Multi-trust Domain Environment
CN102571821A (en) * 2012-02-22 2012-07-11 浪潮电子信息产业股份有限公司 Cloud security access control model
CN105074685A (en) * 2013-03-15 2015-11-18 国际商业机器公司 Multi-tenancy Support for Enterprise Social Business Computing

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
羌卫中,金海,石宣化,邹德清: "Research on network authorization based on a distributed trust management mechanism", Journal of Huazhong University of Science and Technology *

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109756527B (en) * 2017-11-01 2022-01-21 阿里巴巴集团控股有限公司 Data sharing method, device and system
CN109756527A (en) * 2017-11-01 2019-05-14 阿里巴巴集团控股有限公司 Data sharing method, apparatus and system
CN110968858A (en) * 2018-09-30 2020-04-07 北京国双科技有限公司 User authority control method and system
CN112579999A (en) * 2019-09-30 2021-03-30 北京国双科技有限公司 Data processing method and device
CN114503632A (en) * 2019-10-07 2022-05-13 上海诺基亚贝尔股份有限公司 Adaptive Mutual Trust Model for Dynamic and Diverse Multi-Domain Networks
US12335289B2 (en) 2019-10-07 2025-06-17 Nokia Technologies Oy Adaptive mutual trust model for dynamic and diversity multi-domain network
CN111182058A (en) * 2019-12-30 2020-05-19 福建天泉教育科技有限公司 Method and storage medium for realizing cross-tenant access at Android terminal
CN111182058B (en) * 2019-12-30 2022-07-26 福建天泉教育科技有限公司 Method and storage medium for realizing cross-tenant access at Android terminal
CN111988173B (en) * 2020-08-19 2023-09-12 北京安瑞志远科技有限公司 Tenant management platform and tenant management method based on multi-layer father-son structure tenant
CN111988173A (en) * 2020-08-19 2020-11-24 北京安瑞志远科技有限公司 Tenant management platform and tenant management method based on multi-layer parent-child structure tenant
CN114070600A (en) * 2021-11-11 2022-02-18 上海电气集团数字科技有限公司 Industrial Internet field identity access control method based on zero trust model
CN114070600B (en) * 2021-11-11 2023-09-29 上海电气集团数字科技有限公司 Industrial Internet domain identity access control method based on zero trust model
CN114884653A (en) * 2022-04-02 2022-08-09 华南理工大学 Multi-tenant oriented cross-tenant access method, system, device and medium

Also Published As

Publication number Publication date
CN105871880B (en) 2018-11-06

Similar Documents

Publication Publication Date Title
CN105871880B (en) Across tenant access control method based on trust model under a kind of cloud environment
US10949557B2 (en) Blockchain-based auditing, instantiation and maintenance of 5G network slices
Kaiwen et al. Attribute-role-based hybrid access control in the internet of things
CN102035849B (en) Method, equipment and system for realizing resource management in cloud computing
US9047462B2 (en) Computer account management system and realizing method thereof
CN105074685B (en) The multi-tenant that the social business of enterprise is calculated supports method, computer-readable medium and system
CN103067406A (en) Access control system and access control method between public cloud and private cloud
US11089028B1 (en) Tokenization federation service
WO2017143975A1 (en) Access control method and platform
CN106302334B (en) Access role obtaining method, device and system
CN105072135A (en) A cloud file sharing authorization and authentication method and system
CN108092945A (en) Definite method and apparatus, the terminal of access rights
CN109413080B (en) Cross-domain dynamic authority control method and system
CN115698998A (en) Secure resource authorization for external identities using remote subject objects
Jin et al. Role and attribute based collaborative administration of intra-tenant cloud iaas
US12250212B2 (en) Computer user credentialing and verification system
WO2020156135A1 (en) Method and device for processing access control policy and computer-readable storage medium
CN112187800A (en) Attribute-based access control method with anonymous access capability
CN114884653A (en) Multi-tenant oriented cross-tenant access method, system, device and medium
CN105376198A (en) Access control method and device
CN118337437A (en) A Kubernetes cluster management method, device, equipment, medium and program product
CN111950866B (en) Role-based multi-tenant organizational structure management systems, methods, devices and media
US9509698B2 (en) Method of establishing a trust relationship for sharing resources between two tenants in a cloud network
CN116155543A (en) An access control method for industrial control systems based on capabilities and blockchain
CN113765925A (en) An Improved Method Based on OSAC and PERM Access Control Model

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant