| 基于角色的访问控制扩展模型及其实现 |
| |
| 引用本文: | 樊金生,关保灿,李晓东.基于角色的访问控制扩展模型及其实现[J].计算机工程与设计,2008,29(18). |
| |
| 作者姓名: | 樊金生 关保灿 李晓东 |
| |
| 作者单位: | 1. 石家庄铁道学院,计算机与信息工程分院,河北,石家庄,050043
2. 清华大学,计算机科学与技术系网络所,北京,100084 |
| |
| 摘 要: | 提出了一种改进的RBAC模型,该模型通过引入安全员、审计员、主客体安全等级、角色容量等概念,对传统RBAC模型进行了扩展,克服了传统RBAC中判断程序的权限仅仅根据启动程序的角色的不足,提高了模型的安全性.最后通过一个应用实例验证了新模型的有效性.
|
| 关 键 词: | 基于角色权限控制 模型 安全性 权限 控制 |
Design of extended role-based access control model and its implementation |
| |
| FAN Jin-sheng,GUAN Bao-can,LI Xiao-dong.Design of extended role-based access control model and its implementation[J].Computer Engineering and Design,2008,29(18). |
| |
| Authors: | FAN Jin-sheng GUAN Bao-can LI Xiao-dong |
| |
| Affiliation: | FAN Jin-sheng1,GUAN Bao-can1,LI Xiao-dong2(1.School of Computer , Information Engineering,Shijiazhuang Railway Instituty,Shijiazhuang 050043,China,2.Institute of Computer Network Technology,Department of Computer Science , Technology,Tsinghua University,Beijing 100084,China) |
| |
| Abstract: | An improved RBAC(role-based access control) model is represented.To get over the shortcoming of traditional RBAC model,which the authority of judge program is only based on the role of startup program,the improved model imports some concepts,such as guarder,auditor,the security level of main and subsidiary body,capability of roles and so on,then the security of traditional RBAC model is strengthened.Lastly,the validity of improved model is proved by an application instance. |
| |
| Keywords: | RBAC model security access control |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
