| 基于业务流程的访问控制模型研究开发 |
| |
| 引用本文: | 王靖,张璟,李军怀.基于业务流程的访问控制模型研究开发[J].计算机应用,2004,24(10):112-115. |
| |
| 作者姓名: | 王靖 张璟 李军怀 |
| |
| 作者单位: | 西安理工大学,计算机科学与工程学院,陕西,西安,710048 |
| |
| 基金项目: | 国家 86 3计划资助项目 (2 0 0 3AA1Z2 56 0 ) |
| |
| 摘 要: | 在分析研究RBAC基本模型的基础上,根据网上申报、审批系统的实际需求,提出了一种基于业务流程的访问控制模型,将业务流程和基于角色的权限控制相结合,在业务流程和角色之间建立有效的联系,使有关业务流程的信息能够直接指导角色的设置。该模型克服了RBAC基本模型需要修改角色权限来适应不同业务流程的缺点,真正实现了权限的按需、按流程分配,角色只有在执行特定子任务时才具有权限,权限的分配和回收由系统动态实现。该模型已在网上申报、审批系统项目中应用。
|
| 关 键 词: | 基于角色的访问控制 访问控制模型 业务流程 网络安全 |
| 文章编号: | 1001-9081(2004)10-0112-04 |
Research and application on access control model based on workflow |
| |
| WANG Jing,ZHANG Jing,LI Jun-huai.Research and application on access control model based on workflow[J].journal of Computer Applications,2004,24(10):112-115. |
| |
| Authors: | WANG Jing ZHANG Jing LI Jun-huai |
| |
| Abstract: | Based on the researching of RBAC model,an access control model based on the workflow was proposed according to the actual requirements of online report and approving system. The model combined the workflow and the role-based access control(RBAC),established an effective connection between the workflow and the roles and made the information from the business process guide the settings of roles directly. This model overcomed the shortcoming of RBAC basic model that it must adapt to different workflow by changing the authorities of roles. It could allocate the authority according to the requirements and process,and the roles were only granted with some authorities after it had carried out some sub-missions. The allocation and canceling of the authorities were realized by the system dynamically. The model has been applied in the online report and approving system and has achieved good effects. |
| |
| Keywords: | RBAC access control model workflow network security |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
