基于角色访问控制的入侵容忍机制研究

系统在受到入侵的情况下,如何仍能为用户提供规定的服务成为了当前网络安全技术中的一个重要问题.该文结合入侵容忍和基于角色的访问控制技术的特点,提出了一种基于角色访问控制的入侵容忍安全架构,给出了它的模型和基本组成.在网络分布式计算环境中,采用基于角色的访问控制技术的策略,从角色管理服务器、角色冒充、数据和应用服务器四个方面阐述了该架构的容侵机制,从而保证服务系统的安全性和可用性,实现整个系统的入侵容忍.

Research on Intrusion Tolerant Architecture Based on Role-Based Access Control

It is an important problem that how can continue to function correctly and to provide the intended services to legitimate user in a timely manner even in the face of an attack.An intrusion tolerant architecture,which is based on role-based access control scheme,is proposed in this paper.Our method is built upon the analysis of intrusion effects rather than intrusion causes.The characteristics,model and components of intrusion tolerant architecture are discussed in detail.In the distributed network computing environment,utilized the strategy of role-based access control,the intrusion tolerant mechanism is expounded from role-administer server,role pretending,data server and application server.The presented intrusion tolerant architecture guarantees the security and availability of the protected server,which enhances intrusion tolerant ability of server.