| 基于角色与组织的访问控制模型 |
| |
| 引用本文: | 李帆,郑纬民.基于角色与组织的访问控制模型[J].计算机工程与设计,2005,26(8):2136-2140. |
| |
| 作者姓名: | 李帆 郑纬民 |
| |
| 作者单位: | 清华大学,计算机系,北京,100084 |
| |
| 摘 要: | 访问控制是系统安全的重要技术。RBAC(基于角色的访问控制模型)是目前受到广泛关注的访问控制模型,但在大型应用系统中操作烦琐。分析了RBAC的不足之处,提出了基于角色与组织的访问控制模型ORBAC。该模型是对RBAC的扩展,它通过定义组织结构及其权限,减少了角色的数量,从而降低了应用系统访问控制的复杂程度。
|
| 关 键 词: | 角色 组织 权限 访问控制 RBAC |
| 文章编号: | 1000-7024(2005)08-2136-05 |
| 收稿时间: | 2005-02-06 |
| 修稿时间: | 2005-02-06 |
Organization and role-based access control model |
| |
| LI Fan,ZHENG Wei-min.Organization and role-based access control model[J].Computer Engineering and Design,2005,26(8):2136-2140. |
| |
| Authors: | LI Fan ZHENG Wei-min |
| |
| Abstract: | Access Control is an important technology in system security in which RBAC(Role-Based Access Control) is a well-known model.But RBAC is complicated in large application system.The problems existing in RBAC were analyzed and an organization and role based access control model ORBAC was proposed.The new model reduces the number of the role and the complexity of access con-trol management in application system by extending organization structure and its permissions to RBAC. |
| |
| Keywords: | role organization permission access control RBAC |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
