| 利用规则RBAC模型实现门户的安全访问控制 |
| |
| 引用本文: | 程玉松,孟丽荣,盛琦,刘学波,柳楠.利用规则RBAC模型实现门户的安全访问控制[J].计算机工程与设计,2005,26(5):1299-1301. |
| |
| 作者姓名: | 程玉松 孟丽荣 盛琦 刘学波 柳楠 |
| |
| 作者单位: | 1. 山东大学,计算机科学与技术学院,山东,济南,250061
2. 山东移动通信规划设计研究院有限公司,山东,济南,250021 |
| |
| 摘 要: | 基于角色的访问控制(Role—Based Access Control,RBAC)是一种安全、高效的访问控制机制,并不能满足门户中根据用户特征的动态改变而动态地改变用户角色的需要。结合RBAC模型思想和门户的需要提出一个基于规则的RBAC模型,在用户和角色之间增加规则,并通过定义规则表达式实现了动态的用户角色分配,克服了标准的基于角色访问控制模型应用于门户的缺陷。讨论了以规则RBAC模型为基础的门户中资源访问控制的实现,有效地解决了门户中的安全访问控制问题。
|
| 关 键 词: | 门户 角色 访问控制 规则RBAC模型 |
| 文章编号: | 1000-7024(2005)05-1299-03 |
Implementing ruled-role-based access control model in portal |
| |
| CHENG Yu-song,MENG Li-rong,SHENG Qi,LIU Xue-bo,LIU Nan.Implementing ruled-role-based access control model in portal[J].Computer Engineering and Design,2005,26(5):1299-1301. |
| |
| Authors: | CHENG Yu-song MENG Li-rong SHENG Qi LIU Xue-bo LIU Nan |
| |
| Affiliation: | CHENG Yu-song 1,MENG Li-rong 1,SHENG Qi 2,LIU Xue-bo 1,LIU Nan 1 |
| |
| Abstract: | Role-based access control (RBAC) is a kind of access control mechanism which is secure and high efficient. The RBAC model is not satisfid with requirement of portal, which can change user's roles with changing of user's property. The ruled-RBAC model is proposed combined with thinking of RBAC model and requirement of portal, which adds rule mechanism between users and roles. The mechanism realizes the role authorization dynamically by defining rule-formula and improves the performance of standand role-based access controlmodel in portal. The implementationof resource access control in portal on the basis of theruled-RBAC modelis discussed. And the question of secure access control in portal is resolved effectively. |
| |
| Keywords: | portal role RBAC rule |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
