Dynamic permission access control model based on privacy protection
Telecommunication Systems (IF 1.7), Pub Date: 2022-08-03, DOI: 10.1007/s11235-022-00937-8
Qikun Zhang, Liang Zhu, Kunyuan Zhao, Yimeng Wu, Baohua Jin, Jianyong Li, Yinghui Meng, Sikang Hu

Access control is one of the key technologies for ensuring safe resource sharing. Identity authentication and authority distribution are the two key mechanisms by which access control restricts unauthorized users from accessing resources, so that only authorized, legitimate users can access them. However, user privacy protection and frequent permission changes are two thorny issues that access control urgently needs to solve. In this paper, a dynamic access control model based on privacy protection is proposed to deal with these problems. Compared with existing access control technologies, the main advantages of this paper are as follows: (1) The attributes of entities are encrypted and hidden, and attribute-based identity authentication is used, which not only achieves the purpose of traditional identity authentication but also ensures that the attributes and privacy of entities are not leaked; (2) Resource access permissions are bound to entity attributes, and access control permissions are dynamically assigned and adjusted as entity attributes change, making resource access control more fine-grained and more flexible. Security proof and performance analysis show that the proposed protocol is secure under the hardness assumption of the discrete logarithm problem and the decision bilinear Diffie–Hellman problem. Compared with the cited references, this model has the advantages of low computational complexity, short computational time, and low communication overhead.




Updated: 2022-08-04