| 使用会话期上下文检查的RBAC模型:RBAC-CCS |
| |
| 引用本文: | 钱伟,丁二玉,骆斌.使用会话期上下文检查的RBAC模型:RBAC-CCS[J].计算机应用研究,2006,23(9):57-59,63. |
| |
| 作者姓名: | 钱伟 丁二玉 骆斌 |
| |
| 作者单位: | 1. 南京大学,计算机科学与技术系,计算机软件新技术国家重点实验室,江苏,南京,210093
2. 南京大学,软件学院,江苏,南京,210093 |
| |
| 摘 要: | 在大型信息系统的设计中,访问控制一直是一项复杂的工作。基于角色的访问控制(RBAC)被推荐来代替传统的访问控制模型。应用到信息系统中时,需要解决RBAC的控制粒度问题。我们需要一个能够基于上下文进行细粒度访问控制的RBAC模型,即基于对象实例上下文上的访问控制。对现有的解决方案进行综述和比较.提出了使用会话期上下文检查的RBAC模型:RBAC-CCS。RBAC-CCS中用了参数化权限,在权限检查时用上下文变量实例化这些参数化权限,这样就解决了上下文的表示和上下文作用机制问题。最后对RBAC-CCS模型进行了实现.阐述了其中的关键算法并进行了应用。
|
| 关 键 词: | 参数化权限 上下文检查 实现 |
| 文章编号: | 1001-3695(2006)09-0057-03 |
| 收稿时间: | 2005-07-31 |
| 修稿时间: | 2005-07-312005-09-01 |
RBAC Using Context Check in Session: RBAC-CCS |
| |
| QIAN Wei,DING Er-yu,LUO Bin.RBAC Using Context Check in Session: RBAC-CCS[J].Application Research of Computers,2006,23(9):57-59,63. |
| |
| Authors: | QIAN Wei DING Er-yu LUO Bin |
| |
| Abstract: | In the design of large-scale information system,access control system part is always a complicate task.Role Based Access Control(RBAC) has been proposed as an alternative approach to the traditional access control mechanism.When it comes to the application of RBAC in the information system,we will face the trouble of the access control granularity.We require a RBAC model,which can make access control decision based on the context information in a fine-grained,identity-based way.After reviewing and comparing the solutions done before,we present a design and implement approach of RBAC-CCS and its capacity to fulfill the requirement of a judicial management information system.By binding the context information and corresponding parameterized permission to make access control decision,the trouble of depiction and work mechanism of the context is settled in RBAC-CCS.A general object model,some detailed algorithms and an application are also presented in this article. |
| |
| Keywords: | RBAC |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
