首页 | 本学科首页   官方微博 | 高级检索  
     

基于认证可信度的用户权限控制技术研究
引用本文:魏立峰,丁滟,陈松政,何连跃.基于认证可信度的用户权限控制技术研究[J].计算机工程与科学,2011,33(9):24.
作者姓名:魏立峰  丁滟  陈松政  何连跃
作者单位:国防科学技术大学计算机学院,湖南长沙,410073
摘    要:认证可信度体现了用户身份的可信程度。本文基于用户认证可信度实施用户登录限制、用户角色获取限制及角色强制访问控制策略权限限制,提出了基于认证可信度的用户权限控制技术。将认证可信度与用户访问系统结合,要求用户访问系统必须具有相应的认证可信度,具有重要身份的用户必须通过重要的身份认证机制的认证。在角色定权中结合认证可信度,根据用户认证可信度确定用户可以激活的角色,确定角色被激活后的访问控制权限,并参与到各强制访问控制策略实施中,真正实现认证与访问授权的有机统一,解决权限的不当获取。最后指出了进一步研究的内容。

关 键 词:认证可信度  强制访问控制  角色定权  访问授权

Research on User's Rights Control Technology Based on Authentication Trustworthiness
WEI Li-feng,DING Yan,CHEN Song-zheng,HE Lian-yue.Research on User's Rights Control Technology Based on Authentication Trustworthiness[J].Computer Engineering & Science,2011,33(9):24.
Authors:WEI Li-feng  DING Yan  CHEN Song-zheng  HE Lian-yue
Abstract:Authentication trustworthiness reflects the degree of trustworthiness of the user who has passed system authentication.Based on authentication trustworthiness,logging in is restricted,user's role and role's mandatory access control rights are restricted,and then the user's rights control technology is proposed.Combing authentication trustworthiness with accessing systems,it requests that the user must have some authentication trustworthiness when he wants to access a system,and the important user must pass an important identity authentication mechanism.Applying authentication trustworthiness to RBA(Role Based Authorization),it can decide which role can be activated by the user,and also can decide what rights can be activated by the active role of the user,and reflects on every mandatory access control policy,it implements the unification of authentication and access authorization,solves the problem of improper right obtaining.Finally,more contents to be studied are pointed out.
Keywords:authentication trustworthiness  mandatory access control  role based authorization  access authorization
本文献已被 万方数据 等数据库收录!
点击此处可从《计算机工程与科学》浏览原始摘要信息
点击此处可从《计算机工程与科学》下载全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号