| 企业级信息系统中基于策略的访问控制 |
| |
| 引用本文: | 谢东文,刘民,吴澄. 企业级信息系统中基于策略的访问控制[J]. 计算机集成制造系统, 2005, 11(4): 561-564 |
| |
| 作者姓名: | 谢东文 刘民 吴澄 |
| |
| 作者单位: | 清华大学,自动化系国家CIMS工程技术研究中心,北京,100084;清华大学,自动化系国家CIMS工程技术研究中心,北京,100084;清华大学,自动化系国家CIMS工程技术研究中心,北京,100084 |
| |
| 基金项目: | 国家“973”计划资助项目(2002CB312200),国家自然科学基金资助项目(60004010,60274045),国家 863/CIMS 主题资助项目(2001AA411020,2002AA11301 )。~~ |
| |
| 摘 要: | 为了保障企业在获取和处理信息时的信息安全性,需要建立一套信息访问控制机制。提出了基于策略的访问控制模型,介绍了该模型的概念和组成,给出了企业级信息系统访问控制应遵循的9类规则,提出了一种具有通用性和良好可扩展性的实现方案。该方案已成功应用于某大型项目管理软件中,实践证明,可大大缩短软件开发时间,提高可维护性。
|
| 关 键 词: | 访问控制 角色 策略 规则 |
| 文章编号: | 1006-5911(2005)04-0561-04 |
| 修稿时间: | 2004-04-20 |
Policy-based access control in enterprise information system |
| |
| XIE Dong-wen,LIU Min,WU Cheng. Policy-based access control in enterprise information system[J]. Computer Integrated Manufacturing Systems, 2005, 11(4): 561-564 |
| |
| Authors: | XIE Dong-wen LIU Min WU Cheng |
| |
| Abstract: | To guarantee the information security in information acquisition and management in enterprises, an Policy-Based Access Control (PBAC) model was proposed. Definition and compositions of PBAC model were introduced. 9 kinds of rules of PBAC in enterprise information system were provided for enterprises to follow. In addition, a universal and extensible solution was advanced. The solution has been successfully applied in some large project management software. Application has indicated that the proposed solution can greatly lessen software development cycle and improve maintainability. |
| |
| Keywords: | access control rule policy project management |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
