|
|||||
|
|
| 基于RBAC模型的同名角色研究与设计 | |
| 引用本文: | 欧阳凯,沈晴霓,周敬利.基于RBAC模型的同名角色研究与设计[J].小型微型计算机系统,2007,28(8):1402-1406. |
| 作者姓名: | 欧阳凯 沈晴霓 周敬利 |
| 作者单位: | 1. 武汉科技大学,计算机学院,湖北,武汉,430081 2. 国家基础软件工程研究中心,中国科学院,软件研究所,北京,100080 3. 华中科技大学,计算机学院,湖北,武汉,430074 |
| 摘 要: | 安全模型既是可信信息系统的核心内容,也是可信计算研究的重要领域.基于对角色访问控制(RBAC: Role Based Access Control)和安全操作系统标准的深入研究,提出了同名角色的概念,扩展了RBAC中角色的控制范畴,便于灵活地权衡控制粒度与空间需求的对立关系,实施细粒度的访问控制;同时根据同名角色的思想,为自主存取控制(DAC:Discretionary Access Control)系统提供了同名控制域的能力.最后,在FreeBSD操作系统中设计实现了同名控制域,提高了访问控制的灵活性. |
| 关 键 词: | 安全模型 可信计算 角色访问控制模型 同名角色 同名控制域 |
| 文章编号: | 1000-1220(2007)08-1402-05 |
| 修稿时间: | 2006-05-11 |
Design Study for Homonymous Role Based on RBAC |
|
| OUYANG Kai,SHEN Qing-ni,ZHOU Jing-li.Design Study for Homonymous Role Based on RBAC[J].Mini-micro Systems,2007,28(8):1402-1406. | |
| Authors: | OUYANG Kai SHEN Qing-ni ZHOU Jing-li |
| Abstract: | The security model is the core content in the trusted information system and the key field of the trusted computing research. Based on the deep research of the RBAC (Role Based Access Control) model and the security operating system standard, we put forward the conception of the homonymous role, which could extend the control category of the role in RBAC. By the homonymous role, we can neatly balance the opposite relationship of the control granularity and the requirement of the storage space and carry the detailed access control into execution. Based on the idea of the homonymous role, we also provide the capability of the homonymous control domain for DAC (Discretionary Access Control) system. Finally, we design and implement the homonymous control domain in FreeBSD to enhance the flexibility of the access control. |
| Keywords: | security mode trusted computing RBAC homonymous role homonymous control domain |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! | |