基于认证可信度的用户权限控制技术研究

认证可信度体现了用户身份的可信程度。本文基于用户认证可信度实施用户登录限制、用户角色获取限制及角色强制访问控制策略权限限制,提出了基于认证可信度的用户权限控制技术。将认证可信度与用户访问系统结合,要求用户访问系统必须具有相应的认证可信度,具有重要身份的用户必须通过重要的身份认证机制的认证。在角色定权中结合认证可信度,根据用户认证可信度确定用户可以激活的角色,确定角色被激活后的访问控制权限,并参与到各强制访问控制策略实施中,真正实现认证与访问授权的有机统一,解决权限的不当获取。最后指出了进一步研究的内容。

Research on User's Rights Control Technology Based on Authentication Trustworthiness

Authentication trustworthiness reflects the degree of trustworthiness of the user who has passed system authentication.Based on authentication trustworthiness,logging in is restricted,user's role and role's mandatory access control rights are restricted,and then the user's rights control technology is proposed.Combing authentication trustworthiness with accessing systems,it requests that the user must have some authentication trustworthiness when he wants to access a system,and the important user must pass an important identity authentication mechanism.Applying authentication trustworthiness to RBA(Role Based Authorization),it can decide which role can be activated by the user,and also can decide what rights can be activated by the active role of the user,and reflects on every mandatory access control policy,it implements the unification of authentication and access authorization,solves the problem of improper right obtaining.Finally,more contents to be studied are pointed out.