Computer Science ›› 2017, Vol. 44 ›› Issue (8): 140-145. doi: 10.11896/j.issn.1002-137X.2017.08.025

• Information Security •

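Dynamic Business-oriented Access Control Model

TAN Ren, YIN Xiao-chuan, LI Xiao-hui and BIAN Yang-yang

  1. College of Information and Navigation, Air Force Engineering University, Xi'an 710077; College of Information and Navigation, Air Force Engineering University, Xi'an 710077; Unit 94789 of the Chinese People's Liberation Army, Nanjing 210018; College of Information and Navigation, Air Force Engineering University, Xi'an 710077
  • Online: 2018-11-13 Published: 2018-11-13
  • Supported by:
    This work was supported by the National Natural Science Foundation of China (61402510) and the Shaanxi Province Industrial Science and Technology Research Project (2016GY-087).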

Abstract: To address two problems of the role-based access control (RBAC) model in business processes, namely access control granularity that is too coarse and the inability to adjust authorization dynamically, a business-oriented dynamic RBAC model (BO-RBAC) is proposed. Taking the task-based access control (TBAC) model as a reference, the model introduces the concepts of business, business step and authorization step, and formally defines the basic sets of the model. The authorization process is divided into two parts, role authorization and authorization-step authorization. Business execution is treated as a stochastic process, and a Markov chain-based dynamic authorization method is given. Finally, the model is implemented in C++14. BO-RBAC combines the features of RBAC and TBAC, and offers fine-grained access control, dynamically adjustable authorization and conformance to security specifications.

Key words: RBAC, TBAC, Dynamic authorization, Access control, Markov state machine

