| 基于RBAC的多域策略冲突及其检测方法 |
| |
| 引用本文: | 谷和武,潘理.基于RBAC的多域策略冲突及其检测方法[J].信息安全与通信保密,2010(6):84-86. |
| |
| 作者姓名: | 谷和武 潘理 |
| |
| 作者单位: | 上海交通大学电子信息与电气工程学院,上海,200240 |
| |
| 基金项目: | 国家自然科学基金,国家高技术研究发展计划(863计划) |
| |
| 摘 要: | 针对多安全域之间的访问控制问题提出了策略冲突分类及其检测方法。研究了基于RBAC的多域安全互操作模型及其安全特性,分析了由于引入角色映射带来的策略冲突并对这些冲突进行分类。根据多域环境的特点将安全域角色系统抽象成有向图,利用有效角色系统和角色层次关系,提出了基于角色系统有向图的策略冲突检测方法。最后对方法的计算复杂度进行了分析并给出策略冲突的解决方法。
|
| 关 键 词: | 安全互操作 策略冲突 有向图 |
Multi-domain Policy Conflicts and Detection Methods Based on RBAC |
| |
| GU He-wu,PAN Li.Multi-domain Policy Conflicts and Detection Methods Based on RBAC[J].China Information Security,2010(6):84-86. |
| |
| Authors: | GU He-wu PAN Li |
| |
| Affiliation: | (School of Electronic Information and Electric Engineering, Shanghai Jiaotong University, Shanghai 200240, China) |
| |
| Abstract: | For the access control in multi-domain, this paper proposes a method for policy conflicts classification and detection. The secure interoperation model based on RBAC and its security characteristics are studied, the policy conflicts resulted from the introduction of role mapping are analyzed and classified. The role system is abstracted as directed graph, and the effective roles and role hierarchy are utilized to propose a method based on directed graph of role system for detecting policy conflicts. Finally, the computational complexity?of the proposed method is analyzed, and the solutions for policy conflicts are given. |
| |
| Keywords: | secure interoperation policy conflict directed graph |
| 本文献已被 维普 万方数据 等数据库收录! |
