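An RBAC Administrative Model Based on Hierarchical Namespaces
Cite this article: Xia Luning, Jing Jiwu. An RBAC Administrative Model Based on Hierarchical Namespaces[J]. Journal of Computer Research and Development, 2007, 44(12): 2020-2027.
Authors: Xia Luning, Jing Jiwu
Affiliation: State Key Laboratory of Information Security, Graduate University of the Chinese Academy of Sciences, Beijing 100049
Funding: National High Technology Research and Development Program of China (863 Program)
Abstract: Access control is an important information security mechanism. Role-based access control (RBAC) provides a policy-neutral, highly extensible framework that gives access control mechanisms considerable flexibility. RBAC96 and ARBAC97 are the classic models of role-based access control; ARBAC97 defines a series of role administration models that implement distributed administration on top of the RBAC model. However, for a large organization composed of multiple autonomous subsidiaries, the ARBAC97 model has several shortcomings: authorization relationships are complex, level-skipping operations are allowed, and role names must be globally unique. To solve these problems, an RBAC model based on hierarchical namespaces, N-RBAC, is proposed. It uses namespaces to organize roles and resources, and the resources of different namespaces are invisible to one another. The namespace structure provides good distributed RBAC administration capability, simplifies the role inheritance structure, and gives strong support to locally autonomous RBAC administration.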

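Keywords: RBAC  RBAC96  ARBAC97  N-RBAC  namespace  hierarchy  administrative model  Namespace  Hierarchical  Access  Control  Model  support  local  space structure  role inheritance  simplification  administrative capability  resources  organizing roles  use  problem  name
Received: 2006-10-16
Revised: 2007-08-27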

An Administrative Model for Role-Based Access Control Using Hierarchical Namespace
Xia Luning, Jing Jiwu. An Administrative Model for Role-Based Access Control Using Hierarchical Namespace[J]. Journal of Computer Research and Development, 2007, 44(12): 2020-2027.
Authors: Xia Luning, Jing Jiwu
Abstract: Access control is an important information security mechanism. Role-based access control is a famous access control approach with good flexibility and expandability. The classical RBAC models are RBAC96 and ARBAC97. The ARBAC97 model is an administrative model with the idea of "using RBAC to administrate RBAC". It facilitates decentralized administration of RBAC through three assignment models: URA97, PRA97 and RRA97. Though ARBAC97 works well in traditional RBAC applications, it has some shortcomings if employed in a large organization composed of many autonomous subsidiaries. The member of an administrative role can operate directly in the role range of a junior administrative role, which violates the autonomy of subsidiaries. The authorization relationship is rather complex. And the names of the roles have to be globally unique. A new administrative model named N-RBAC is proposed to overcome these weaknesses. In N-RBAC, all resources (including users and roles) are arranged into a hierarchical namespace structure. Thus the role hierarchy is constructed in a local space instead of in a global space. The administrative role hierarchy is obsolete, and a unique administrative role is assigned to each namespace instead. Experimental results show that the N-RBAC model is more suitable to autonomous distributed role administration than the ARBAC97 model.
Keywords: RBAC  RBAC96  ARBAC97  N-RBAC  namespace
This article is indexed in CNKI, VIP, Wanfang Data and other databases.