Application Research of Computers (《计算机应用研究》)

RBAC Using Context Check in Session: RBACCCS

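Authors QIAN Wei (钱伟), DING Er-yu (丁二玉), LUO Bin (骆斌)
Affiliations 1. State Key Laboratory of Novel Software Technology, Department of Computer Science and Technology, Nanjing University, Nanjing, Jiangsu 210093; 2. College of Software, Nanjing University, Nanjing, Jiangsu 210093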
Article ID 1001-3695(2006)09-0057-03
DOI 10.3969/j.issn.1001-3695.2006.09.018
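Abstract In the design of large information systems, access control has always been a complex task. Role-based access control (RBAC) has been recommended as a replacement for traditional access control models. When RBAC is applied to an information system, the problem of its control granularity has to be solved. We need an RBAC model that can perform fine-grained access control based on context, that is, access control based on the context of object instances. This paper reviews and compares the existing solutions and proposes an RBAC model that uses context checking during the session: RBACCCS. RBACCCS uses parameterized permissions and instantiates them with context variables at permission-check time, which resolves the problems of how context is represented and how context takes effect. Finally, the RBACCCS model is
Keywords RBAC; parameterized permission; context check; implementation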
Article URL http://www.arocmag.com/article/1001-3695(2006)09-0057-03.html
English title RBAC Using Context Check in Session: RBACCCS
Authors (English) QIAN Wei, DING Er-yu, LUO Bin
Affiliations (English) 1. State Key Laboratory of Novel Software Technology, Dept. of Computer Science & Technology, Nanjing University, Nanjing Jiangsu 210093, China; 2. College of Software, Nanjing University, Nanjing Jiangsu 210093, China
English abstract In the design of large-scale information systems, the access control part is always a complicated task. Role Based Access Control (RBAC) has been proposed as an alternative approach to the traditional access control mechanism. When it comes to the application of RBAC in an information system, we face the problem of access control granularity. We require an RBAC model that can make access control decisions based on context information in a fine-grained, identity-based way. After reviewing and comparing the solutions proposed before, we present a design and implementation approach for RBACCCS and its capacity to fulfill the requirements of a judicial management information system. By binding the context information to the corresponding parameterized permission to make the access control decision, the problems of how context is depicted and how it works are settled in RBACCCS. A general object model, some detailed algorithms and an application are also presented in this article.
Pages 57-59
Document code A