| 支持授权的基于角色的访问控制模型及实现 |
| |
| 引用本文: | 刘婷婷,汪惠芬,张友良. 支持授权的基于角色的访问控制模型及实现[J]. 计算机辅助设计与图形学学报, 2004, 16(4): 414-419 |
| |
| 作者姓名: | 刘婷婷 汪惠芬 张友良 |
| |
| 作者单位: | 南京理工大学CIMS研究所,南京,210094;南京理工大学CIMS研究所,南京,210094;南京理工大学CIMS研究所,南京,210094 |
| |
| 基金项目: | 国防科技重点实验室基金项目,总装备部“十五”预研项目资助 |
| |
| 摘 要: | 现有的基于角色的访问控制模型多采用集中授权管理方式,不能满足大型复杂协作系统的需求.文中对RBAC96模型进行扩展,形成了支持授权的基于角色的访问控制模型.该模型引入角色语境作为自主授权活动的依据,通过语境部件授权极限值、授权域、授权类型以及撤销类型的定义,以支持灵活的自主授权活动,并支持多步授权,允许安全管理员对系统进行宏观安全控制.对该模型的基本部件和规范进行了描述,并且给出授权活动的实现算法和应用实例.
|
| 关 键 词: | 基于角色访问控制 授权 |
Authorization Supported Role-Based Access Control Model and Its Implementation |
| |
| Liu Tingting Wang Huifen Zhang Youliang. Authorization Supported Role-Based Access Control Model and Its Implementation[J]. Journal of Computer-Aided Design & Computer Graphics, 2004, 16(4): 414-419 |
| |
| Authors: | Liu Tingting Wang Huifen Zhang Youliang |
| |
| Abstract: | Role-based access control models introduced in literature cannot satisfy the requirements of complex system because of using central administration. A new model is introduced through extending RBAC96. This model develops ROLECONTEXT as the criterion of auto-authorization activity. Four ROLECONTEXT components, namely authorization maximum, authorization region, authorization type and revocation type are defined to support flexible and multi-step authorization. This makes the model permit security manager to control the system at a higher level. Core component and specifications of the new model are given. Moreover, algorithm for authorization and examples are illustrated. |
| |
| Keywords: | role-based access control authorization |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
