首页 | 本学科首页   官方微博 | 高级检索  
     

RBAC模型的扩充及其应用
引用本文:蔡国永,林煜明. RBAC模型的扩充及其应用[J]. 计算机工程与应用, 2008, 44(3): 228-233. DOI: 10.3778/j.issn.1002-8331.2008.03.072
作者姓名:蔡国永  林煜明
作者单位:桂林电子科技大学 计算机与控制学院,广西 桂林 541004
摘    要:RBAC(Role Based Access Control)是一种被广泛认可的信息系统访问安全规范管理模型,但RBAC访问安全规范模型如何与组织系统的业务过程规范模型融合,从而更有效地服务于可信业务协同系统的开发实践还值得进一步研究改进。在RBAC模型的基础上,融合协同业务规范中的义务及奖惩元素,提出RBAO(Role Based Access and Obligation)模型。RBAO模型不仅能描述角色在组织中可拥有的访问权力,还能描述角色在组织中可能要承担的义务及义务违反时将受到的处罚。这使得RBAO模型更适合用于组织可信规范业务协同系统的管理建模与开发。以具体实例说明了基于RBAO模型的可信业务协同系统管理的分析与建模方法。

关 键 词:访问控制  可信协同  交互义务  组织建模  
文章编号:1002-8331(2008)03-0228-06
修稿时间:2007-07-01

RBAC extension and its application
CAI Guo-yong,LIN Yu-ming. RBAC extension and its application[J]. Computer Engineering and Applications, 2008, 44(3): 228-233. DOI: 10.3778/j.issn.1002-8331.2008.03.072
Authors:CAI Guo-yong  LIN Yu-ming
Affiliation:School of Computer and Control,Guilin University of Electronic Technology,Guilin,Guangxi 541004,China
Abstract:RBAC(Role Based Access Control) is a widely accepted model suitable for access control of organizational information system.However there is still a gap need to be filled whenever considering practical application of RBAC in development of trustable organizational system,especially in combination of organizational business collaborative model with RBAC.Based on RBAC model,elements of obligation and reward/sanction in business collaborative model are proposed to extend RBAC to a new model called RBAO(Role Based Access and Obligation).RBAO specifies not only the authorizations of roles in an organization,but also their obligations and associated sanctions or rewards in collaborative business.RBAO is more applicable in trustable business collaborative system development comparing with RBAC.The analysis and modeling process of using RBAO in trustable collaborative business system development is illustrated through a case study.
Keywords:access control  trustable collaboration  interactive obligation  organization modeling
本文献已被 CNKI 万方数据 等数据库收录!
点击此处可从《计算机工程与应用》浏览原始摘要信息
点击此处可从《计算机工程与应用》下载免费的PDF全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号