中文摘要：

由于服务聚合要实现异构多态交互过程,必然对安全访问控制模型的性能提出较高的要求.为满足服务聚合的访问控制需求,本文提出了一种异构服务聚合协同访问控制算法ACAHSP.首先,本文剖析了服务聚合中访问的动态情景要素构成,从多维度定义了构成情景的不同要素;然后,提出了基于动态情景状态的状态演算和规则演算的机制,并给出了动态情景机约束下在服务聚合模型ACAHSP;其次,基于CP-ABE算法提出了ACAHSP访问控制模型的安全验证算法,强有力的保证了ACAHSP模型在服务聚合中访问控制机制状态机转换、数据交互的安全性;最后,结合案例进行应用验证,并与已有模型进行对比.

英文摘要：

Since the service aggregation aims to realize heterogeneous, multi-state interactive process, the security access control models also required to acquire higher performance. Under the circumstances of service aggregation, in the paper, we propose an algorithm of cooperative aggregation of disparate services access control, named ACAHSP, to meet the requirements of service aggregation, dynamic ac- cess and centralized control. First, this paper analyzes the constitution of dynamic scene elements in the access of service aggregation, and defines different elements that constitute the scenarios from multiple perspectives. Then, this paper introduces the concept of dynamic situational finite state machine and presents a system of cooperation access gateway model which supports the calculations and rules of the situation under the constraint of dynamic situations. Moreover, based on the CP-ABE algorithm, we propose the ACAHSP algorithm which strongly enhances the security of the finite state machine when changing and data exchanging during the process of service aggregation. Finally, the case study of music service aggregation demonstrates the feasibility and validation of the ACAHSP model compared with other traditional access control models and we then summarize the relative innovativeness between ACAHSP model and existing access control models.