计算机科学 ›› 2014, Vol. 41 ›› Issue (Z6): 429-432.
强振平,何丽波,陈旭,李彤
QIANG Zhen-ping,HE Li-bo,CHEN xu and LI Tong
摘要: 针对复杂信息系统中因角色数量多、用户职责属性经常动态改变等导致访问控制复杂的问题,在充分考虑用户的组织形式与授权关系的基础上,以用户所在机构、用户分组信息为角色分配主体,同时增加信息系统中资源访问操作权限范围限定,改进了RBAC模型并设计了实现改进模型的数据关系。实践结果显示,改进模型不仅可以方便地完成机构和用户组职责改变时对所涉及用户授权的修改,而且可以快速响应因人员职责属性改变引起的授权修改,同时能够灵活地完成资源访问操作权限的控制。
[1] Sandhu R,Coyne E,Feinstein H.Role-based Access ControlModels[J].IEEE Computer,1996,9(6):38-47 [2] Fereaiolo D F,Sandhu R,Gavrila S,et al.Proposed NIST Stan-dard for Role-Based Access Control[J].ACM Transactions on Information and System Security,2001,4(3):224-274 [3] ANSI.American National Standard for Information Technolo-gy—Role Based Access Control[C]∥ANSI Int’l Committee for Information Technology Standards.Feb.2004:359 [4] 刘强,王磊,何琳.RBAC模型研究历程中的系列问题分析[J].计算机科学,2012,39(11):13-18 [5] 沈海波,洪帆.访问控制模型研究综述[J].计算机应用研究,2005(6):9-11 [6] 李凤华,史国振,马建峰.访问控制模型研究进展及发展趋势[J].电子学报,2012,40(4):805-813 [7] Sandhu R,Bhamidipadi V.The URA97 Model for Role-BasedUser-Role Assignment,Database Security XI:Status and Prospects[J].Chapman & Hall,1998 [8] Sandhu R,Bhamidipati V,Munawer Q.The ARBAC97 modelfor role-based administration of roles[J].ACM Transactions on Information and System Security,1999,2(1):105-135 [9] Sandhu R,Munawer Q.The ARBAC99model for administration of roles[C]∥Proceedings of the Annual Computer Security Applications Conference.Phoenix,USA,1999 [10] Sandhu R,Munawer Q.A Model for Role Administration Using Organization[C]∥Proceedings of the SACMAT’02.Monterey,California,USA,2002:155-162 [11] Zhang Xin-wen,Oh S,Sandhu R.PBDM:A Flexible Delegation Model in RBAC[C]∥Proceedings of SACMAT’03.Como,Italy,2003:149-157 [12] 朱君.角色协同中群体感知和访问控制技术研究[D].广州:中山大学,2009 [13] Yuan E,Tong J.Attributed based access control(ABAC) for Web services[C]∥ 2005IEEE International Conference on Web Services,2005(ICWS 2005).2005:11-15 [14] Xin J,Krishnan R,Sandhu R.A Role-Based AdministrationModel for Attributes[C]∥Proc.1st Int’l Workshop Secure and Resilient Architectures and Systems.ACM,2012:7-12 [15] Coyne E,Weil T R.ABAC and RBAC:Scalable,Flexible,andAuditable Access Management[J].IEEE Computer Society,IT Professional,2013,5(3):14-16 [16] Kirkpatrick M S,Bertino E.Enforcing Spatial Constraints forMobile RBAC Systems[C]∥Symposium on Access Control Models and Technologies-SACMAT.2010:99-108 [17] Kirkpatrick M S,Damiani M L,Bertino E.Prox-RBAC:a proxi-mity-based spatially aware RBAC[C]∥Proceedings of GIS.2011:339-348 |
No related articles found! |
|