| 一种扩展的基于角色的访问控制模型 |
| |
| 引用本文: | 李双. 一种扩展的基于角色的访问控制模型[J]. 计算机工程与应用, 2012, 48(19): 54-60 |
| |
| 作者姓名: | 李双 |
| |
| 作者单位: | 北京工商大学 理学院,北京 100048 |
| |
| 基金项目: | 北京市属高等学校人才强教计划项目 |
| |
| 摘 要: | 美国国家标准与技术研究局(NIST)建立的RBAC2001技术的参考模型,只规定了最基本的概念需求,还有许多方面值得研究。为使RBAC适用于更广泛的范围,提出一种具有条件约束的权限清晰的基于角色的访问控制扩展模型(ERBAC)。不同于以往对角色集的划分,直接对权限集进行划分,降低了角色-权限授权的难度,为角色-权限的自动配置提供了支持。此ERBAC模型不仅继承了传统RBAC的所有优势,而且可以不作任何修改地嵌入到工作流系统中,在工作流系统中实现动态的访问控制。
|
| 关 键 词: | 访问控制 角色 权限 会话 条件 |
Extended role based access control |
| |
| LI Shuang. Extended role based access control[J]. Computer Engineering and Applications, 2012, 48(19): 54-60 |
| |
| Authors: | LI Shuang |
| |
| Affiliation: | School of Science, Beijing Technology and Business University, Beijing 100048, China |
| |
| Abstract: | In 2001,NIST defined RBAC2001 which provided a standard for Role Based Access Contro(lRBAC).There still are a lot of details needed to be studied.For the wider scope of application,this paper introduces an Extended Role Based Access Contro(lERBAC),which provides the function of the clear partition of permission and the constraint of conditions.It divides the permission directly instead of the classification of roles,which reduces the difficulty of assigning permission between roles and permissions and offers the support for dynamic permission assignment.The new model inherits all merits of the traditional RBAC and can be used in the system of workflow without any modification.It also provides access control dynamically. |
| |
| Keywords: | access control role permission session condition |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程与应用》浏览原始摘要信息 |
|
点击此处可从《计算机工程与应用》下载全文 |
