角色访问控制技术在管理信息系统中的应用

李健; 唐文忠; 宋长福

角色访问控制技术在管理信息系统中的应用

1.
北京航空航天大学机械工程及自动化学院
2. 北京航空航天大学计算机科学与工程系
3. 中国人才研究中心

详细信息

中图分类号: TP 31152
计量
- 文章访问数: 2479
- HTML全文浏览量: 31
- PDF下载量: 3
- 被引次数: 0
出版历程
- 收稿日期: 2002-04-09
- 网络出版日期: 2003-06-30

Application of RoleBased Access Control in Management Information System

1.
School of Mechanical Engineering and Automation, Beijing University of Aeronautics and Astronautics
2. Dept. of Computer Science and Engineering, Beijing University of Aeronautics and Astronautics
3. China Talent Research & Development Center

摘要

摘要: 基于角色的访问控制作为一种安全机制,已引起人们越来越多的关注.介绍了传统的自主访问控制模型和强制访问控制模型并分析了他们的特点,提出了一种基于RBAC2(Role Based Access Contrd 2)模型之上的新的访问控制模型,该模型兼顾了RBAC2模型的优点,并扩展了RBAC2模型中对于个体权限的修改能力,应用于实际的管理信息系统中的事实证明了该模型是可行的.讨论了权限的分级管理.
- 管理信息系统 /
- 资源 /
- 矩阵 /
- 自主访问控制 /
- 强制访问控制 /
- 角色
Abstract: Role based access control was being paid more and more attention as a security mechanism. Traditional access control policies, including discretionary access control (DAC) as well as mandatory access control (MAC), were first briefly introduced. An access control model based on RBAC2 was provided, which not only inherited the advantage of RBAC2, but also extended the ability of modifying individual permissions. An example application of the model is presented as a proof of its availability. The distributed management for permissions was discussed.
- management information system /
- resources /
- matrices /
- discretionary access control /
- Mandatory access control /
- role

HTML全文

参考文献(1)

[1] 谭伟贤,杨力平. 计算机网络安全教程[M]. 北京:国防工业出版社,2001.61~64 Tan Weiqiang,Yang Liping. Computer network security tutorial[M]. Beijing:National Defence Industry Press,2001.61~64(in Chinese) [2] 马林胜. 数据库应用系统用户权限适应性研究及其在管理信息系统中的实现. 北京:北京航空航天大学机械工程及自动化学院,2002 Ma Linsheng. Research of adaptability of user popedom in database-based application system and it's realization in manage information system. Beijing:School of Mechanical Engineering and Automation,Beijing University of Aeronautics and Astronautics, 2002(in Chinese) [3] 刘启原,刘怡. 数据库与信息系统的安全[M].北京:科学出版社,2000.63~66 Liu Qiyuan,Liu Yi. Database and information system security[M]. Beijing:Science Press,2000.63~66(in Chinese) [4] 李孟珂,余祥宣. 基于角色的访问控制技术及应用[J]. 计算机应用研究,2000,(10):44~47 Li Menke,Yu Xiangxuan. Technology of role-based access control and it's application[J].Computer Application Research,2000,(10):44~47(in Chinese) [5] 曹天杰,张永平. 管理信息系统中基于角色的访问控制[J]. 计算机应用,2001,21(8):21~23 Cao Tianjie,Zhang Yongping. Role-based access control in management information system [J]. Computer Applications,2001,21(8):21~23(in Chinese) [6] Kim K H. Boolean matrim theory and applications[M]. USD:Dekker, Marcel Incorporated,1982 [7] Sanhu R S,Coyne E J,Feinstein H L,et al. Role-base access models. EIII Computer,1996,29(2) [8] Ahn G J,Arvisandhu. Role-based authorization constraints specification[J]. ACM Transcations on Information and System Security, 2002,3:207~226

施引文献

资源附件(0)

访问统计