| 对象式基于角色访问控制模型的规范化描述 |
| |
| 引用本文: | 许春根,严悍,刘凤玉. 对象式基于角色访问控制模型的规范化描述[J]. 小型微型计算机系统, 2003, 24(5): 853-858 |
| |
| 作者姓名: | 许春根 严悍 刘凤玉 |
| |
| 作者单位: | 南京理工大学,计算机技术与工程系,江苏,南京,210094 |
| |
| 基金项目: | 国防科工委基金资助(项目编号:J13008004) |
| |
| 摘 要: | 访问控制在大型复杂的多用户分布式系统中是一个极其重要且错综复杂的部分.目前基于角色访问控制成为主流的安全机制,对象技术作为处理复杂性的有效方法.大型系统的设计亟需一个对象式的、规范化的访问控制模型,以支持系统安全性设计,使众多用户可安全高效地履行其职责.已有的访问控制模型多为非规范的非对象式的.本文采用统一建模语言UML建立一个基于角色访问控制的对象式规范化模型.该模型结构简洁,且提供具有一致性、可推理的约束规范,以支持大型复杂系统的访问控制设计.
|
| 关 键 词: | 程序设计 角色访问控制模型 规范化 面向对象 统一建模语言 UML语言 用户界面 |
| 文章编号: | 1000-1220(2003)05-0853-06 |
Formal Specification for Object-oriented Model of Role-based Access Control |
| |
| XU Chun-gen,YAN Han,LIU Feng-yu. Formal Specification for Object-oriented Model of Role-based Access Control[J]. Mini-micro Systems, 2003, 24(5): 853-858 |
| |
| Authors: | XU Chun-gen YAN Han LIU Feng-yu |
| |
| Abstract: | Access control is significant and intricate component in a large and complex multi-user distributed system. Role based Access Control (RBAC) has been a mainstream security mechanism and object technology has been an effective approach to deal with complexity presently. An object-oriented and formal access control model is imperative for developers to design security mechanism of systems and for users to.perform their duties securely and efficiently. However, existed access control models were mostly informal and non-Object-Oriented. Therefore, this paper proposes a formal and Object-Oriented model for RBAC in Unified Modeling Language (UML). The model is constructed simply and provides consistent and inferable constraint specifications for developers to design access control of large and complex systems. |
| |
| Keywords: | object-oriented access control model role security management |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
