| 基于受控对象的多主体访问控制模型 |
| |
| 引用本文: | 李长城,刘成颖,洪名松,蔡魏.基于受控对象的多主体访问控制模型[J].计算机集成制造系统,2005,11(3):342-346. |
| |
| 作者姓名: | 李长城 刘成颖 洪名松 蔡魏 |
| |
| 作者单位: | 清华大学,精密仪器与机械学系,北京,100084;辽宁工程技术大学,机械工程学院,辽宁,阜新,123000 |
| |
| 基金项目: | 国家863/CIMS主题资助项目(2001AA412130)~~ |
| |
| 摘 要: | 在研究和分析基于角色的访问控制模型、基于组的访问控制模型等的基础上,结合工艺信息管理的特点,提出了基于受控对象的多主体访问控制模型。该模型能够利用受控对象之间的继承关系对访问控制策略进行继承,同时将访问控制的主体扩展为多种,实现针对单个用户和对象实例的细粒度的访问控制,具有授权操作简单、高效和易于表达的特点。该模型在进行权限控制时考虑了执行的上下文环境,是一种动态访问控制模型。最后给出了一个应用实例。
|
| 关 键 词: | 访问控制 工艺信息管理 基于受控对象 动态安全模型 |
| 文章编号: | 1006-5911(2005)03-0342-05 |
| 修稿时间: | 2004年3月22日 |
Object-based multi-subject access control model |
| |
| LI Chang-cheng,LIU Cheng-ying,HONG Ming-song,CAI Wei.Object-based multi-subject access control model[J].Computer Integrated Manufacturing Systems,2005,11(3):342-346. |
| |
| Authors: | LI Chang-cheng LIU Cheng-ying HONG Ming-song CAI Wei |
| |
| Affiliation: | LI Chang-cheng~1,LIU Cheng-ying~1,HONG Ming-song~1,CAI Wei~2 |
| |
| Abstract: | Based on study of the role-based access control (RBAC) model and the team-based access control (TMAC) model, combined with the characteristics of the technological process information management, an object-based multi-subject access control model was proposed. In this model, object's access control strategy could be inherited through the object's inheritance hierarchies and the type of access subject was expanded to more types. The model implemented a fine-grained security administration at the level of individual users and individual objects. And the access permissions were assigned effectively and were easy to be expressed. As an active security model, it considered the context of objects and users when activating the permissions. Finally, an application example was introduced to prove the feasibility and advantages of this model. |
| |
| Keywords: | access control process information management object-based active security model |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
