Huang ZhiQiu
Professor
Alma Mater:南京航空航天大学
Education Level:南京航空航天大学
Degree:Doctoral Degree in Engineering
School/Department:College of Computer Science and Technology
Discipline:Cyberspace Security. Computer Science and Technology. Software Engineering
Contact Information:025-84892400
E-Mail:
Hits:
Affiliation of Author(s):计算机科学与技术学院/人工智能学院/软件学院
Journal:Comput Secur
Abstract:In collaborative environment, distributed multiple cyber-physical spaces interoperate with each other aiming to provide an intelligent spatial environment for their users to conduct their collaborative activities. Subjects and objects roam in the physical and cyber spaces among domains to support the completion of the activities. These dynamic behaviors bring great challenges to security issue. The actions of roaming subjects and roaming objects need to be specified and checked against security requirements of constituent domains. However, the existing inter-domain access control models was proposed for the traditional information system and focus on the cyber security. They cannot deal with the intricacies of cross-domain access requests in cyber-physical spaces. In this paper, we propose a formal inter-domain model to specify cyber-physical access control policies and a model checking approach to ensure security requirements hold in these policies. We first present a formal definition of the topology configuration to capture the environment characteristics of the cyber-physical spaces. It provides important contextual information for the access control system. Then, based on topology attributes defined in the topology configuration, a topology-aware inter-domain access control model TA-CPAC is proposed. It can adjust the permission assignment adaptively to react to the behaviors changes of subjects and objects. Next, the topology configuration and TA-CPAC model are formalized by the use of bigraphs and bigraphs reactive systems respectively, which allows us to utilize the model checking technology to reason about that whether the behaviors of roaming subjects and objects satisfy security requirements of all constituent domains. Finally, the effectiveness of our approach is evaluated by a collaborative scenario in a smart city. © 2019 Elsevier Ltd
ISSN No.:0167-4048
Translation or Not:no
Date of Publication:2019-11-01
Co-author:Cao, Yan,W00137,Xie Jian,Wang, Jinyong
Correspondence Author:Huang ZhiQiu
黄志球,男,博士,教授,博士生导师,国家教育部计算机基础教学(理工类)指导委员会委员,国防科技工业质量专家委员会委员 ,中国计算机学会理事、“系统软件”专业委员会副主任、“软件工程”委员,中国电子学会软件定义推进委员会委员,IEEE计算机学会南京分会副主席,CCF南京主席,江苏省计算机学会常务理事,江苏省软件人才基金会理事,工信部重点实验室“高安全系统的软件开发与验证重点实验室”主任。
主要研究方向为工业软件、智能化软件工程、网络空间安全、大数据和云计算等。
近年来承担国家重点研发计划课题、863高技术项目、国家自然科学基金以及各类国防科技型号项目30余项。发表SCI、EI和核心期刊论文100余篇;已培养博士近20名,硕士100余名。获得教育部自然科学奖二等奖1项,省部级科技进步二等奖2项,省部级科技进步三等奖2项,省部级教学成果二等奖2项。
