北京航空航天大学学报 ›› 2005, Vol. 31 ›› Issue (10): 1153-1158.

• 论文 • 上一篇    

CMS中RBAC模型的改造和应用

曹勇刚, 金茂忠, 刘超   

  1. 北京航空航天大学 计算机学院, 北京 100083
  • 收稿日期:2004-11-19 出版日期:2005-10-31 发布日期:2010-09-20
  • 作者简介:曹勇刚(1977-),男,湖南长沙人,博士生, ygcao@cse.buaa.edu.cn.
  • 基金资助:

    国家863基金资助项目(2003AA118101)

Modified RBAC model and its application on content management system

Cao Yonggang, Jin Maozhong, Liu Chao   

  1. School of Computer Science and Technology, Beijing University of Aeronautics and Astronautics, Beijing 100083, China
  • Received:2004-11-19 Online:2005-10-31 Published:2010-09-20

摘要: 针对内容管理系统(CMS)中内容、权限和用户数量规模大的特点,采用形式化方法定义了改造后的基于角色的权限模型——RBAC0.5.对照RBAC96定义的4个模型,RBAC0.5是一个介于RBAC0和RBAC1之间的新模型.它覆盖了RBAC0,将RBAC1中的角色层次关系改造为通过用户组关联的映射关系,从而获取以关系型数据库为后台的集合操作能力.并且,为了有效组织CMS中的内容,形式化定义了内容分区和层次分类,在此基础上定义了层次化的权限集合,从而支持多层粒度上的访问控制.基于上述模型, 给出CMS中基于短路操作、垃圾收集以及缓存技术的实现访问控制的优化算法.

Abstract: Focusing on the large scale characteristic of content, users and permissions in content management system (CMS), a modified role based access control(RBAC) model, RBAC0.5, is formally defined. In contrast with the four models defined by RBAC96, the RBAC0.5 is formed as a new model between the basic model (RBAC0) and the enhanced model (RBAC1). It covers RBAC0 and alters the hierarchical relations among roles in RBAC1 to flat mapping by introducing the middle layer--user group. By using RBAC0.5, set operation can be performed with the relational database back-end. In addition, the partition and hierarchy category are formally defined for the arrangement of content in CMS by their media type and their semantic. Based on those definitions, the multi-layer permission sets are defined on partitions and categories for the multi-grained access control. According to such models, the implementation of the access control in the CMS uses short circulating operation, garbage collection and caching technology for performance optimization. Pseudo codes of the algorithms are also given.

中图分类号: 


版权所有 © 《北京航空航天大学学报》编辑部
通讯地址:北京市海淀区学院路37号 北京航空航天大学学报编辑部 邮编:100191 E-mail:jbuaa@buaa.edu.cn
本系统由北京玛格泰克科技发展有限公司设计开发