| 工作流系统中一个基于双权角色的条件化RBAC访问控制模型 |
| |
| 引用本文: | 张健,孙吉贵,李妮娅,胡成全.工作流系统中一个基于双权角色的条件化RBAC访问控制模型[J].计算机科学,2005,32(7):121-124. |
| |
| 作者姓名: | 张健 孙吉贵 李妮娅 胡成全 |
| |
| 作者单位: | 吉林大学 |
| |
| 基金项目: | 国家自然科学基金(60273080),符号计算与知识工程教育部重点实验室支持 |
| |
| 摘 要: | 传统的RBAC访问控制模型已经不能表达复杂的工作流安全访问控制约束。基于传统的RBAC模型,提出了一个新的基于双权角色的条件化RBAC访问控制模型CRDWR(conditioned RBAC based on double—weighted roles)。阐述了基于动态角色分配的条件化RBAC策略,定义了基于双权角色的工作流系统访问授权新概念,并针对多个角色协同执行任务的序约束问题,给出了基于令牌的序约束算法。该模型能够表达复杂的工作流安全访问控制约束。
|
| 关 键 词: | 工作流 条件化RBAC 双权角色 令牌 访问控制 |
A Conditioned RBAC Model Based on Double-weighted Role of Workflow System |
| |
| ZHANG Jian,SUN Ji-gui,LI Ni-ya,HU Cheng-quan.A Conditioned RBAC Model Based on Double-weighted Role of Workflow System[J].Computer Science,2005,32(7):121-124. |
| |
| Authors: | ZHANG Jian SUN Ji-gui LI Ni-ya HU Cheng-quan |
| |
| Affiliation: | ZHANG Jian,SUN Ji-Gui,LI Ni-Ya,HU Cheng-Quan College of Computer Science and Technology,Jilin University,Changchun 130012 Key Laboratory of Symbolic Computation and Knowledge Engineering of Ministry of Education,Jilin University,Changchun 130012 |
| |
| Abstract: | The traditional RBAC model cannot express complicated workflow secure access control constraint. Based on the traditional RBAC model, a new conditioned RBAC model CRDWR (conditioned RBAC based on double- weighted roles) is proposed on the basis of double-weighted roles. A conditioned RBAC strategy is discussed on the basis of dynamic role assignment and a new concept of workflow access authorization is defined on the basis of double- weighted role. A sort algorithm based on token is presented in allusion to the problem of multi-role sequence con straint in the process of executing tasks. The model can express complicated workflow secure access control con- straint. |
| |
| Keywords: | workflow Conditioned RBAC Double-weighted role Token Access control |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
点击此处可从《计算机科学》下载全文 |
