Journal of Frontiers of Computer Science and Technology ›› 2016, Vol. 10 ›› Issue (1): 25-35.DOI: 10.3778/j.issn.1673-9418.1503027

Previous Articles     Next Articles

Access Control Model Research for HDFS Based on User Trust Value

SHI Wenhao+, JIANG Guohua, QIN Xiaolin, WANG Sheng   

  1. College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing 210016, China
  • Online:2016-01-01 Published:2016-01-07


史文浩+,江国华,秦小麟,王  胜   

  1. 南京航空航天大学 计算机科学与技术学院,南京 210016

Abstract: At present, more and more people employ cloud storage to store or backup data in order to enhance the data removability. For the security of cloud storage, researchers mainly focus on privacy disclosure, data disaster tolerance, duplication eliminating and so on. However, few researchers pay attention to access control technology. On the basis of previous research, this paper proposes an access control model for HDFS (Hadoop distributed file system) based on user trust value. The model uses the trusted third party authentication system Kerberos for user authentication, sets a trust value for each user, and controls user access to HDFS dynamically by comparing the trust value and trust threshold. The experimental results show that the model overcomes the shortages of HDFS access control, furthermore, it can also control user access to the HDFS resources dynamically and effectively.

Key words: cloud storage, Hadoop distributed file system (HDFS), access control, trust value

摘要: 目前,越来越多的用户使用云存储来保存或备份数据,以增强数据的可移动性,但针对云存储的安全性问题,研究人员主要关注隐私泄露、数据容灾、副本消除等方面,对访问控制的研究较少。在前人研究的基础上,提出了一种基于用户信任值的HDFS(Hadoop distributed file system)访问控制模型。该模型结合可信赖第三方认证系统Kerberos实现对用户的认证,并为每个用户设定一个信任值,通过信任值与信任值阈值的比较动态控制用户对HDFS的访问。实验结果表明,该模型不仅可以克服HDFS访问控制上的缺陷,而且能够动态、有效地控制用户对HDFS中资源的访问。

关键词: 云存储, HDFS, 访问控制, 信任值