| 扩充角色层次关系模型及其应用 |
| |
| 引用本文: | 钟华,冯玉琳,姜洪安.扩充角色层次关系模型及其应用[J].软件学报,2000,11(6):779-784. |
| |
| 作者姓名: | 钟华 冯玉琳 姜洪安 |
| |
| 作者单位: | 1. 中国科学院软件研究所对象技术中心,北京,100080;中国科学院软件研究所计算机科学开放研究实验室,北京,100080
2. 中国石油化工集团公司信息中心,北京,100029 |
| |
| 基金项目: | 本文研究得到国家“九五”重点科技攻关项目基金(No.97-567)、国家863高科技项目基金(No.863-306-ZD02-01)和国爱自然科学基金(No.69833030)资助。 |
| |
| 摘 要: | 基于网络的大规模软件应用系统面临着日益复杂的数据资源安全管理的难题.基于角色的访问控制方法(role-based access control,简称RBAC)实现用户与访问权限的逻辑分离和构造角色之间的层次关系,从而方便了数据的安全管理.该文在RBAC96模型的基础上,对角色之间的层次关系进行了扩充,定义了角色的公共权限和私有权限,引入了一般继承和扩展继承机制,形成了一个能描述复杂层次关系的角色访问控制模型EHRBAC(extended hierarchy role-based access contro
|
| 关 键 词: | 角色 基于角色访问控制 继承 层次关系. |
| 收稿时间: | 1999/3/16 0:00:00 |
| 修稿时间: | 6/7/1999 12:00:00 AM |
A Role Hierarchy Model for Role-Based Access Control and Its Application |
| |
| ZHONG Hu,FENG Yu-lin and JIANG Hong-an.A Role Hierarchy Model for Role-Based Access Control and Its Application[J].Journal of Software,2000,11(6):779-784. |
| |
| Authors: | ZHONG Hu FENG Yu-lin and JIANG Hong-an |
| |
| Abstract: | One of the most challenging problems in managing large computer software systems on global network is the complexity of security administration. The RBAC (role-based access control) method shows powerful capability on access control by realizing logical separation between users and permissions and constructing role hierarchies. This paper presents a role hierarchy model EHRBAC (extended hierarchy role-based access control) based on RBAC96, which defines common permissions and private permissions and imports normal inheritance and extended inheritance. Based on EHRBAC, the authors realize the security administration for the Petrochemical Market Information System. The EHRBAC model can specify the complex inheritance of roles and simplify their relation hierarchies. It minimizes the role access permissions by the separation of private permissions from common permissions. |
| |
| Keywords: | Role role-based access control inheritance hierarchy |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《软件学报》浏览原始摘要信息 |
|
点击此处可从《软件学报》下载全文 |
