通信学报2025,Vol.46Issue(4):238-254,17.DOI:10.11959/j.issn.1000-436x.2025042
面向数据跨域安全流通的访问控制研究综述
Research on access control for secure cross-domain data circulation
摘要
Abstract
To address security risks such as tampering,leakage,and misuse of information stemming from inconsistent authorization mechanisms in data element circulation,the focus was placed on secure cross-domain data circulation.Ini-tially,the challenges associated with cross-domain data access control were systematically examined,followed by an in-depth investigation into the fundamental concepts of cross-domain data circulation and the essential implications of cross-domain access control.Subsequently,a comprehensive review was conducted on access control technologies for se-cure cross-domain data circulation,which encompassed:access control models categorized as provenance-based,purpose-based,and cyberspace-oriented approaches;key policy management technologies involving label mining for policies,policy negotiation and generation,conflict detection and resolution,policy propagation and enforcement,and auditing of anomalous policy execution;policy implementation mechanisms developed based on blockchain technology,data capsules,and data infrastructure.Finally,current challenges in cross-domain data circulation are systematically sum-marized,and future research directions are proposed.关键词
跨域访问控制/数据要素流通/数据使用控制/延伸控制/数据安全Key words
cross-domain access control/data elements circulation/data usage control/extended control/data security分类
信息技术与安全科学引用本文复制引用
李恒,李凤华,史欣怡,郭云川,郭守坤..面向数据跨域安全流通的访问控制研究综述[J].通信学报,2025,46(4):238-254,17.基金项目
国家重点研发计划基金资助项目(No.2023YFB3106304) (No.2023YFB3106304)
国家自然科学基金资助项目(No.U24A20240,No.62441226)The National Key Research and Development Program of China(No.2023YFB3106304),The National Natural Science Foundation of China(No.U24A20240,No.62441226) (No.U24A20240,No.62441226)
