本文選題：數據安全 + 用戶行為分析�。� 參考：《湖北民族學院》2017年碩士論文

【摘要】：保障數據安全是企業(yè)信息安全工作的首要目標,訪問控制是實現這一目標的重要措施。為了業(yè)務的連續(xù)性,企業(yè)把信息系統(tǒng)集成整合到私有云后,仍然沿用了基于角色為用戶靜態(tài)授權的訪問控制模型,這種機制不能應對合法用戶賬號的濫用或賬號憑證失竊帶來的威脅。本文在企業(yè)私有云環(huán)境下,使用機器學習的方法分析用戶行為,嘗試找到異常的用戶行為,計算用戶行為風險,調整用戶信任等級,從而調整用戶對應的角色,使之按照不同的權限操作企業(yè)的數據和應用子集。通過分析基于角色的訪問控制模型在企業(yè)私有云環(huán)境下存在的不足,提出基于用戶行為分析實現動態(tài)訪問控制的必要性。分析了國內外使用機器學習方法分析用戶行為的發(fā)展現狀、主要方法和應用情況;完成了企業(yè)私有云信息系統(tǒng)集成整合環(huán)境下用戶行為的定義和形式化表示,提出了基于Hadoop和機器學習的用戶行為分析框架。實現了用戶行為數據的采集、存儲、數據預處理和使用機器學習自動分析用戶行為的神經網絡模型,給出了使用Tensor Flow訓練神經網絡和參數調優(yōu)的典型環(huán)境和過程。改進了用戶行為風險值的計算方法,給出了用戶信任等級動態(tài)調整的方法和流程。基于以上研究,提出了一個基于用戶行為分析的企業(yè)私有云動態(tài)訪問控制模型,描述了各個模塊的功能和之間的關系,給出了實現的途徑。本文提出的基于用戶行為分析的動態(tài)訪問控制模型能幫助企業(yè)在私有云環(huán)境下及時發(fā)現未知的安全風險,及時的做出響應,并通過動態(tài)調整用戶信任等級實現動態(tài)訪問控制,從而保障企業(yè)的數據安全。
[Abstract]:To ensure data security is the primary goal of enterprise information security work, access control is an important measure to achieve this goal. For business continuity, enterprises integrate information system integration into private cloud, and still use access control model based on role based user static authorization. This mechanism can not cope with legitimate user accounts. In the private cloud environment, this paper uses machine learning methods to analyze user behavior, tries to find abnormal user behavior, calculates user behavior risk, adjusts user's trust level, and adjusts the user's corresponding role to operate the data and application of the enterprise according to different privileges. By analyzing the shortage of role based access control model in enterprise private cloud environment, the necessity of realizing dynamic access control based on user behavior analysis is proposed. The development status, main methods and application situation of user behavior analysis using machine learning methods at home and abroad are analyzed, and the private cloud information system of enterprise is completed. The user behavior analysis framework based on Hadoop and machine learning is proposed in the integration and integration environment. The user behavior analysis framework based on Hadoop and machine learning is proposed. The neural network model of user behavior data acquisition, storage, data preprocessing and automatic analysis of user behavior by machine learning is implemented, and Tensor Flow is used to train the neural network. And the typical environment and process of parameter tuning. The calculation method of user's behavior risk value is improved and the method and process of dynamic adjustment of user trust level are given. Based on the above research, a dynamic access control model of enterprise private cloud based on user behavior analysis is proposed, and the function and relationship between each module are described, and the relationship between the functions and the relationship of each module is described. The dynamic access control model based on user behavior analysis can help enterprises discover the unknown security risk in the private cloud environment, respond in time, and dynamically adjust the user's trust level to realize the dynamic access control, and ensure the data security of the enterprise.

【學位授予單位】：湖北民族學院
【學位級別】：碩士
【學位授予年份】：2017
【分類號】：TP309

【參考文獻】

相關期刊論文 前10條

1 房梁;殷麗華;郭云川;方濱興;;基于屬性的訪問控制關鍵技術研究綜述[J];計算機學報;2017年07期

2 Xinfeng Ye;;Privacy Preserving and Delegated Access Control for Cloud Applications[J];Tsinghua Science and Technology;2016年01期

3 王于丁;楊家海;徐聰;凌曉;楊洋;;云計算訪問控制技術研究綜述[J];軟件學報;2015年05期

4 馬建紅;趙恒;周建業(yè);;企業(yè)私有云平臺構建技術研究與性能分析[J];重慶郵電大學學報(自然科學版);2014年06期

5 陶威;趙波;向，

本文編號：1800777