Abstract

The rapidly increasing implementation of data diversity, autonomy, dynamic privilege management, and fine-grained access controls in social networks has resulted in various challenges in applying existing access control models. The intercrossing relations lead to a complex access control system, which often brings risks when the system is updated or expanded. The implementation of cloud computing has further complicated access control because of multiple tenancies and service providers. We focus on this issue and propose a new social network access control model that uses a logical authorization language, named RuleSN, which can be used efficiently in cloud systems. This model provides high authorization expressiveness and flexibility and can effectively describe User to User (U2U), User to Resource (U2R), and Resource to Resource (R2R) relations, as well as the attributes of users and resources. First, this paper elaborates the formal definitions of the RuleSN model. Second, we describe the model's authorization specification and verification policies and explain the syntax and semantics of the authorization language. Finally, the implementation, application, and expressiveness of the model are discussed through examples.