| 基于角色的扩展可管理访问控制模型研究与实现 |
| |
| 引用本文: | 龙勤,刘鹏,潘爱民.基于角色的扩展可管理访问控制模型研究与实现[J].计算机研究与发展,2005,42(5):868-876. |
| |
| 作者姓名: | 龙勤 刘鹏 潘爱民 |
| |
| 作者单位: | 1. 北京大学计算机科学技术研究所,北京,100871
2. 北京大学信息科学技术学院,北京,100871 |
| |
| 基金项目: | 国家“八六三”高技术研究发展计划基金项目(2002AA119020) |
| |
| 摘 要: | 基于角色的访问控制(RBAC)具有简单灵活、细粒度控制、可用性强等特点,受到广泛的关注,近10年来,RBAC得到了广泛的研究与扩展.针对RBAC模型中存在的不足,提出了一种基于角色的可管理访问控制模型EARBAC.EARBAC通过对客体资源、访问类型的进一步抽象,对NISTRBAC参考模型进行了有效的扩展,更具通用性与更强的现实世界表达能力,同时与ARBAC96的结合,使其具有良好的可管理能力.基于该扩展模型,实现了一个安全的网络文件原型系统.
|
| 关 键 词: | 信息安全 访问控制 角色 角色管理 |
Research and Implementation of an Extended Administrative Role-Based Access Control Model |
| |
| LONG Qin,Liu Peng,Pan Aimin.Research and Implementation of an Extended Administrative Role-Based Access Control Model[J].Journal of Computer Research and Development,2005,42(5):868-876. |
| |
| Authors: | LONG Qin Liu Peng Pan Aimin |
| |
| Affiliation: | Long Qin1,Liu Peng2,and Pan Aimin11 |
| |
| Abstract: | RBAC(role-based access control) is emphasized recently due to its simpleness, flexibility, fine-grained control ability and strong usability, and has been proven to be efficient to improve security administration with flexible authorization management During the past decade, RBAC has been studied by many researchers and many extensions have been proposed to perfect it Now, studies on the object part of RBAC model are relatively insufficient compared with those on the user-role part A new administrative role-based access control model is proposed in this paper, which extends the proposed NIST standard for RBAC effectively The new model is more integrated and closer to most organizational structures by extending the abstracts about the objects and access type, and it can be administrated more conveniently combining with ARBAC 96 model Based on this extended model, a secure network file system prototype is implemented |
| |
| Keywords: | information security access control role role administration |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
