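To address the information security problem of system wide information management (SWIM), an access policy for SWIM was designed according to the characteristics of its service-oriented architecture (SOA), and an authorization method based on attribute-based encryption (ABE) was proposed. In view of the distributed, heterogeneous and dynamic nature of the SWIM access structure, the method is implemented with ciphertext-policy attribute-based encryption (CP-ABE). Simulation experiments and a security analysis of the method were carried out in a simulated environment. The experimental results show that the method supports fine-grained authorization for SWIM aviation users, reduces the complexity of SWIM authorization management, and improves the security of the SWIM system.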
System wide information management (SWIM) is a fundamental network system that supports aviation collaborative decision making (CDM) by using big data analysis. Data security and privacy protection issues likewise arise when providing aeronautical information exchange and data sharing. According to the service-oriented architecture (SOA) of SWIM, an authorization approach based on attribute-based encryption (ABE) was proposed to solve the problem of SWIM information security. Ciphertext-policy attribute-based encryption (CP-ABE) was applied to suit the distributed, heterogeneous and dynamic characteristics of the SWIM access structure. Experiments on the security of the SWIM authorization approach based on the CP-ABE algorithm were performed in a simulation environment. Results indicate that the proposed approach supports fine-grained authorization for the aviation users of SWIM with more security and lower complexity.