| 在企业基础信息平台中实现基于角色的访问控制 |
| |
| 引用本文: | 蔡梅松,蔡鸿明.在企业基础信息平台中实现基于角色的访问控制[J].武汉大学学报(工学版),2006,39(4):102-106. |
| |
| 作者姓名: | 蔡梅松 蔡鸿明 |
| |
| 作者单位: | 上海交通大学软件学院,上海,200030 |
| |
| 摘 要: | 介绍了个人权限、角色权限和临时权限的构成特点,提出了三种不同权限的访问控制方法,并采用server-pull系统架构,针对角色权限对LDAP模式进行扩展,实现了基于RBAC模型在企业基础信息平台中的访问控制应用.系统以LDAP目录服务器当作角色服务器,使用户在某种安全模式下(如在SSL上)得到需要的角色信息,从而实施相关的RBAC策略以达到访问控制目的,具有简单灵活的特点.
|
| 关 键 词: | 访问控制 RBAC LDAP |
| 文章编号: | 1671-8844(2006)04-102-05 |
| 收稿时间: | 2006-02-17 |
| 修稿时间: | 2006年2月17日 |
Implementation of role-based access control mechanism based on enterprise fundamental information platform |
| |
| CAI Meisong,CAI Hongming.Implementation of role-based access control mechanism based on enterprise fundamental information platform[J].Engineering Journal of Wuhan University,2006,39(4):102-106. |
| |
| Authors: | CAI Meisong CAI Hongming |
| |
| Affiliation: | School of Software, Shanghai Jiaotong University, Shanghai 200030 |
| |
| Abstract: | The network security polices in terms of users personal,role and temporary attributes are introduced;and then the access and control mechanism for the three security polices are put forward.An adoption of server-pull and LDAP structure is discussed to perform access and control for the enterprise fundamental information platform based on RBAC.The system employs LDAP directory server as the role server and users can obtain required information in certain secure mode(e.g.SSL),so as to implement the relevant RBAC strategy to achieve the access control purpose.The structure's feature is simple and flexible. |
| |
| Keywords: | access control role-based access control(RBAC) lightweight directory access protocal(LDAP) |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
