| 一种面向PDM系统基于权限位的访问控制方法 |
| |
| 引用本文: | 刘智,吴刚.一种面向PDM系统基于权限位的访问控制方法[J].计算机工程与科学,2013,35(1):72-76. |
| |
| 作者姓名: | 刘智 吴刚 |
| |
| 作者单位: | 上海交通大学软件学院,上海,200240 |
| |
| 摘 要: | 访问控制技术是保障信息系统安全的关键技术。在对已有的访问控制技术进行了回顾和分析的基础上,提出了PDM-RBAC访问控制模型。该模型针对PDM系统中存在的用户层次多、数据量大、数据细粒度的控制等因素造成的系统性能低效和管理困难的问题,引入了用户组层次来替代RBAC访问控制模型中的角色层次,并增加了权限层次结构来管理数据权限,同时结合在某企业PDM系统设计和实现中的实践,设计了基于权限位的访问控制算法,用于解决正负权限引起的策略冲突问题。实验结果表明了该模型和算法在大型信息系统权限管理的高效性。
|
| 关 键 词: | 产品数据管理 基于角色的访问控制 访问控制 |
| 收稿时间: | 2011-11-24 |
| 修稿时间: | 2012-03-15 |
An access control method for PDM system based on permission bits |
| |
| LIU Zhi
,
WU Gang.An access control method for PDM system based on permission bits[J].Computer Engineering & Science,2013,35(1):72-76. |
| |
| Authors: | LIU Zhi WU Gang |
| |
| Affiliation: | (School of Software,Shanghai Jiao Tong University,Shanghai 200240,China) |
| |
| Abstract: | Access control is an important security technology to protect the information system. In this paper, we review the existing access control models and propose the PDM RBAC model .This model is designed to solve the problems such as inefficiency and difficult management, which exist in the PDM system and are caused by huge amount of data, fine grained control of data and too many user levels. We use user group hierarchy instead of role hierarchy to decrease permission configuration data and introduce permission hierarchy to manage data permission. Under the application in an enterprise PDM system, we also propose an access control algorithm based on permission bits to solve the conflict caused by negative permissions. |
| |
| Keywords: | PDM RBAC access control |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《计算机工程与科学》浏览原始摘要信息 |
|
点击此处可从《计算机工程与科学》下载全文 |
|
