| 基于角色的访问控制框架的研究与实现 |
| |
| 引用本文: | 季永志,阎保平,续岩,吴开超,沈志宏. 基于角色的访问控制框架的研究与实现[J]. 微电子学与计算机, 2005, 22(11): 100-103,107 |
| |
| 作者姓名: | 季永志 阎保平 续岩 吴开超 沈志宏 |
| |
| 作者单位: | 1. 中国科学院计算机网络信息中心数据库应用研究室,北京,100080;中国科学院研究生院,北京,100039
2. 中国科学院计算机网络信息中心数据库应用研究室,北京,100080 |
| |
| 基金项目: | 中国科学院“十五”信息化建设重大资助项目(INF105-SDB) |
| |
| 摘 要: | 介绍一种基于角色的访问控制框架,详细阐述了该框架的实现原理和工作机制.基于角色的访问控制(RBAC)是一种关于授权管理的概念模型,与传统的授权策略相比,它更加灵活、安全且易维护.基于角色的访问控制框架在原理上对RBAC基本模型进行了概念扩展,根据大规模数据资源授权管理的需要,提出了更加细化的资源概念和明确的权限判定机制。
|
| 关 键 词: | RBAC 资源类 静态资源 动态资源 角色包含 三元组判定 |
| 文章编号: | 1000-7180(2005)11-100-04 |
| 收稿时间: | 2005-07-28 |
| 修稿时间: | 2005-07-28 |
Research and Implementation of Role-Based Access Control Framework |
| |
| JI Yong-zhi,YAN Bao-ping,XU Yan,WU Kai-chao,SHEN Zhi-hon. Research and Implementation of Role-Based Access Control Framework[J]. Microelectronics & Computer, 2005, 22(11): 100-103,107 |
| |
| Authors: | JI Yong-zhi YAN Bao-ping XU Yan WU Kai-chao SHEN Zhi-hon |
| |
| Affiliation: | 1 Scientific Database Department Computer Network Information Center, Chinese Academy of Sciences, Beijing 100080;2 Graduate School, Chinese Academy of Sciences, Beijing 100039 |
| |
| Abstract: | A framework of Role-Based Access Control and its implementation mechanism and principle are introduled in detail in this paper. Role-Based Access Control (RBAC) is an abstract model on authorization management. It is more flexible, secure and easy to maintain, compared with the traditional authorization strategies. This framework of Role-Based Access Control extends the conception of the basic moddel of the RBAC. A concept on more minute granular resource and a mechanism of authorization judgment are presented, in order to fulfill the requirements of the authorization management of large-scale data resource. |
| |
| Keywords: | RBAC Resource class Static resource Dynamic resource Role including Judge on triple |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
