| 基于角色上下文的强制访问控制的RBAC实现 |
| |
| 引用本文: | 熊 智,刘嘉勇,任 伟.基于角色上下文的强制访问控制的RBAC实现[J].太赫兹科学与电子信息学报,2009,7(6):589-592. |
| |
| 作者姓名: | 熊 智 刘嘉勇 任 伟 |
| |
| 作者单位: | 四川大学,信息安全研究所,四川,成都,610064 |
| |
| 摘 要: | 通过对Sandhu方法和一种考虑角色上下文的基于角色的访问控制(RBAC)构造方法研究,针对Sandhu方法中没有考虑上下文和考虑角色上下文的构造方法中存在的权限扩散、不支持最小权限和职责分离等问题,给出了一种改进的考虑角色上下文的RBAC构造方法。该构造方法能够较好地解决考虑角色上下文的RBAC构造方法中存在的问题,并且重新定义角色上下文,使得新构造方法与实际应用更加相符,并给出新构造方法的正确性的简要证明。
|
| 关 键 词: | 基于角色的访问控制 强制访问控制 角色上下文 |
| 收稿时间: | 2009/2/10 0:00:00 |
| 修稿时间: | 2009/4/17 0:00:00 |
Realization of role context-based mandatory access control |
| |
| XIONG Zhi,LIU Jia-yong and REN Wei.Realization of role context-based mandatory access control[J].Journal of Terahertz Science and Electronic Information Technology,2009,7(6):589-592. |
| |
| Authors: | XIONG Zhi LIU Jia-yong and REN Wei |
| |
| Institution: | (Institute of Information Security, Sichuan University, Chengdu Sichuan 610064, China) |
| |
| Abstract: | The existing Sandhu method and one Role-Based Access Control(RBAC) construction method considering the role context and simulating Mandatory Access Control(MAC) were analyzed. For the problems of Sandhu method not considering via the role context and of later method existing privilege diffusion and lacking the ability of supporting least privilege and separation of duties, this study proposed an advanced method of reconstructing the role-based access control model with role context considered. The structure of the proposed construction provided a better solution for problems existing in the considering role context RBAC construction method, and re-defined the role context to make the method more suitable for the practical application. A brief theoretical analysis of the new construction was given in the end. |
| |
| Keywords: | Role-Based Access Control Mandatory Access Control role context |
| 本文献已被 维普 万方数据 等数据库收录! |
| 点击此处可从《太赫兹科学与电子信息学报》浏览原始摘要信息 |
| 点击此处可从《太赫兹科学与电子信息学报》下载免费的PDF全文 |
