| 信息系统中的访问控制技术研究 |
| |
| 引用本文: | 陈卓,卫海鹂,赵宗涛,王小明,李竹林.信息系统中的访问控制技术研究[J].微机发展,2005,15(4):106-108,111. |
| |
| 作者姓名: | 陈卓 卫海鹂 赵宗涛 王小明 李竹林 |
| |
| 作者单位: | [1]第二炮兵工程学院计算机系,陕西西安710025//西北大学计算机科学系,陕西西安710069 [2]第二炮兵工程学院计算机系,陕西西安710025 [4]陕西师范大学计算机学院,陕西西安710062 |
| |
| 基金项目: | 国防预研项目(EP020824-09) |
| |
| 摘 要: | 访问控制是信息系统安全的核心策略之一,它与信息加密、身份验证、安全审计、入侵检测等系统安全理论与技术有机结合,构成了信息系统中存储、处理和传输数据的安全基础设施。访问控制作为计算机信息保护中的重要环节,近年来得到了广泛的重视。文中讨论了自主访问控制、强制访问控制和基于角色的访问控制,给出了它们的形式化定义及基本规则,分析了它们各自的优缺点。经对基于角色的访问控制技术的讨论和分析,得出RBAC更加适合应用的需要。
|
| 关 键 词: | 自主访问控制 强制访问控制 基于角色的访问控制 |
| 文章编号: | 1005-3751(2005)04-0106-03 |
Research on Access Control in Information System |
| |
| CHEN Zhuo,WEI Hai-li,ZHAO Zong-tao.Research on Access Control in Information System[J].Microcomputer Development,2005,15(4):106-108,111. |
| |
| Authors: | CHEN Zhuo WEI Hai-li ZHAO Zong-tao |
| |
| Affiliation: | CHEN Zhuo~1,WEI Hai-li~1,ZHAO Zong-tao~ |
| |
| Abstract: | Access control is one of the kernel policies of information system security, and it constitutes the security infrastructure used for saving, processing and transmitting data in information system with cryptography, authentication, auditing, intrusion detection etc. Access control is a very important aspect of the computer information protection, which has been greatly emphasized in recent years. In this paper, several main technologies, such as discretionary access control, mandatory access control, role-based access control, are introduced. The formal definition and some rules are given, then the advantage and disadvantage of each technology is analyzed. Role-based access control is discussed in detail,and prove that the RBAC adapts the application requirement evenmore. |
| |
| Keywords: | discretionary access control mandatory access control role-based access control |
| 本文献已被 CNKI 维普 等数据库收录! |
|
