| 一种RBAC模型中实现否定授权的方法 |
| |
| 引用本文: | 张世龙,沈玉利.一种RBAC模型中实现否定授权的方法[J].计算机应用与软件,2009,26(5). |
| |
| 作者姓名: | 张世龙 沈玉利 |
| |
| 作者单位: | 广东海洋大学信息学院,广东,湛江,524088 |
| |
| 基金项目: | 国家星火项目,粤港关键领域重点突破招标项目 |
| |
| 摘 要: | 针对现有基于角色访问控制RBAC(Role_based Access Control)相关模型中对否定授权研究的不足,指出用户可以获得计划外权限的问题.通过引入授权状态的概念,对RBAC模型中权限与角色之间的分配关系进行扩展,定义许可授权、收回授权、否定授权及其优先级,给出授权状态合并运算的九个规则,提出RBAC模型实施否定授权的方法.分析实现否定授权的RBAC模型性能,通过具体实例充分说明实现否定授权的RBAC模型的安全性和实用性,并在实际应用中得到实现和验证.
|
| 关 键 词: | 否定授权 授权状态 合并规则 |
AN IMPLEMENTATION METHOD OF NEGATIVE AUTHORIZATION IN RBAC MODEL |
| |
| Zhang Shilong,Shen Yuli.AN IMPLEMENTATION METHOD OF NEGATIVE AUTHORIZATION IN RBAC MODEL[J].Computer Applications and Software,2009,26(5). |
| |
| Authors: | Zhang Shilong Shen Yuli |
| |
| Affiliation: | College of Information;Guangdong Ocean University;Zhanjiang 524088;Guangdong;China |
| |
| Abstract: | Aiming at the deficiencies in negative authorisation research in current RBAC model,the problem that the user can obtain permissions beyond the assignment plan is pointed out.By introducing the concept of authorisation state,the distribution relation between the role and the permission in RBAC model is extended,the authorisations of grant,revoking and negative and their priorities are defined,nine rules of authorisation state combination operation are given,an implementation method of negative authorisation... |
| |
| Keywords: | RBAC |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
