| 动态安全模型中基于代理的访问控制 |
| |
| 引用本文: | 丁胜,王思鹏,王晓峰.动态安全模型中基于代理的访问控制[J].计算机工程,2008,34(8):193-194. |
| |
| 作者姓名: | 丁胜 王思鹏 王晓峰 |
| |
| 作者单位: | 1. 武汉大学遥感信息工程学院,武汉,430079;武汉科技大学计算机科学与技术学院,武汉,430081
2. 武汉科技大学计算机科学与技术学院,武汉,430081 |
| |
| 摘 要: | 随着信息系统复杂性不断增强,许多大型应用系统都具有动态性,但是传统的访问控制机制不能提供动态权限分配。该文提出一个实现动态安全策略的访问控制模型,在RBAC模型基础上通过代理动态地决定访问权限,代理根据抽象角色定义和上下文信息规则,通过推导模块得到用户的实际角色,阐述模型的组成并将它应用于一个项目管理系统中。结果表明,该模型比传统的访问控制模型更加高效、安全。
|
| 关 键 词: | 访问控制 安全模型 抽象角色 代理 |
| 文章编号: | 1000-3428(2008)08-0193-02 |
| 修稿时间: | 2007年4月30日 |
Agent-based Access Control for Dynamic Security Model |
| |
| DING Sheng,WANG Si-peng,WANG Xiao-feng.Agent-based Access Control for Dynamic Security Model[J].Computer Engineering,2008,34(8):193-194. |
| |
| Authors: | DING Sheng WANG Si-peng WANG Xiao-feng |
| |
| Affiliation: | (1. School of Remote Sensing and Information Engineering, Wuhan University, Wuhan 430079; 2. College of Computer Science and Technology, Wuhan University of Science and Technology, Wuhan 430081) |
| |
| Abstract: | With the development of information system, most practical applications have dynamic attributes, but conventional access control mechanisms have not addressed the problem efficiently. This paper discusses how to realize an access control system that enables to manage dynamic security policies. The proposed method is based on Role-based Access Control (RBAC), and the agent decides access rights dynamically for the abstract role, according to the definitions of the abstract roles, context information and rules, agent acquire actual role by inference module, demonstrate the structure of the model and usefulness of the proposed system by presenting the project management application and its access control system. Experimental results verify that the model is more efficient and securer than traditional access control model. |
| |
| Keywords: | access control security model abstract role agent |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
|
