用基于RBAC的方法集成遗产系统的访问控制策略

访问控制是软件系统的重要安全机制,其目的在于确保系统资源的安全访问。针对多数遗产系统的访问控制不是基于角色的且其实现形式多样,提出了一种基于RRAC的访问控制策略集成方法。该方法将遗产系统中的权限映射为集成系统中的任务,能够在任务树和策略转换规则的基础上使用统一的形式重组访问控制策略。此外,该方法给出了一组用于实现后续授权操作的管理规则。案例分析表明,提出的方法是可行的,能够有效地集成遗产系统的访问控制策略,并将RRAC引入遗产系统的访问控制。     

自适应软件过程的“服务-角色-规则”形式化模型设计

对自适应软件过程深入研究,在Agent搭建其模型基础上,引入过程资源和过程角色的概念,完成定义与原理论述.并对过程资源和过程角色的自适应调配过程实现,制定出相关的映射规则关系网,实现自适应角色、服务、规则的三位一体化控制,完成自适应的刚柔相济网络体系.     

多设备防火墙安全策略冲突分析

防火墙是作为网络中最常用的安全屏障以代理技术、包过滤技术、状态检查技术、网络地址转换技术(NAT)、VPN技术等功能,保证了计算机的安全性。Internet防火墙可以有效防止外部用户非法使用内部网的资源,加强网络与网络间的访问控制,从而阻止防火墙所保护的内部网络的私密数据被外人所窃取或更改。     

Action diversity in a simulation of the Israeli-Palestinian conflict

This article explores the strategies used by Israeli students to resolve the Israeli-Palestinian conflict in the interactive computer game, PeaceMaker. Students played PeaceMaker in the roles of both the Israeli Prime Minister and the Palestinian President in random order. Students must take actions satisfying constituents on both sides of the conflict in order to win the game. The diversity of actions taken in each role was measured. Several hypotheses test the degree to which Israeli students, depending on which role they played and their own demographic variables, exploited a consistent set of actions or explored a more diverse range of actions across three main types: construction, political, and security. The results show that (1) greater action diversity increases success in both roles, (2) Israeli students engaged in less diverse actions when playing the Israeli role than when playing the Palestinian role, (3) students’ religiosity and political Hawkishness negatively predicted action diversity when playing the Palestinian role, and (4) action diversity mediates the relationship between a student’s background knowledge about the conflict and success in the Israeli role. The significance of these findings for understanding attitudes about the Israeli-Palestinian conflict are discussed, including implications for conflict resolution more generally.     

An ontology-based approach to conflict resolution in Home and Building Automation Systems

Ambient intelligent systems such as Home and Building Automation Systems (HBAS) are becoming evermore accepted and capable of actuating automatically on behalf of users to fulfil their requests or enable activities. However, when multiple users interact with such systems, the requirements of activities often interfere resulting in conflicting actuations which HBAS ought to automatically detect and resolve. Yet, despite recent advances in HBAS, no ambient intelligent solution has been reported that is adequately grounded on knowledge analysis.The contributions of this article are twofold. First, it reviews relevant literature on Ambient Intelligence, conflict detection, conflict resolution and knowledge representation in HBAS. Second, it proposes and validates an ontological framework for conflict detection and resolution backed by knowledge-based analysis. Effectively, the proposed solution performs automatic environment actuations maximizing users comfort and energy efficiency.     

信息系统中一种访问控制的实现策略

在信息系统的开发与应用中,经典基于角色的访问控制(RBAC)模型存在一定的不足。该文在实现基于角色的访问控制模型的同时,改进了原经典模型的不足,并将这种模型应用到对于资源的管理当中。在实现完整的访问控制过程中,该文分析和实现在两个维度下,功能权限维度与资源权限维度的权限管理和访问控制策略。经过这一分析与设计,将访问控制从系统业务逻辑当中分离,包括功能访问控制与资源访问控制的分离,进而增加了系统的灵活性和扩展性。     

An exploratory study of buyers’ participation intentions in reputation systems: The relationship quality perspective

Drawing upon a relationship quality framework, this study identifies how satisfaction, trust and different styles of handling conflict influence online buyers’ participation intentions in reputation systems associated with a C2C online shopping platform. Furthermore, we investigate how these effects are moderated by social conformity and the perceived value of knowledge. The results of a survey of 269 online buyers indicate that satisfaction, trust and an accommodating conflict handling style positively impact the intention to submit positive ratings, whereas an avoiding conflict handling style negatively affects the intention to submit positive ratings. Implications and suggestions for future research are provided.     

On the complexity of role updating feasibility problem in RBAC

In Role Based Access Control (RBAC) systems, it is necessary and important to update the role–permission assignments in order to reflect the evolutions of the system transactions. However, role updating is generally complex and challenging, especially for large-scale RBAC systems. This is because the resulting state is usually expected to meet various requirements and constraints. In this paper, we focus on a fundamental problem of role updating in RBAC, which determines whether there exists a valid role–permission assignment, i.e., whether it can satisfy all the requirements of the role updating and without violating any role–capacity or permission–capacity constraint. We formally define such a problem as the Role Updating Feasibility Problem (RUFP), and study the computational complexity of RUFP in different subcases. Our results show that although several subcases are solvable in linear time, this problem is NP-complete in the general case.     

客户/服务器模式下MIS应用系统的安全性管理

该文介绍基于ORACLE数据库MIS应用系统的数据库特权和角色的控制与管理,以及菜单模块安全性管理在客户端应用系统中的应用。     

安全DBMS的数据字典设计与实现

本文介绍了我们在设计一个安全实时DBMS原型系统时所采用的一些基本安全策略,包括了基于角色的自主访问控制、强制访问控制和审计;并设计实现了相应的数据字典,对传统的数据字典进行了圈套的扩展。