北京航空航天大学学报 ›› 2006, Vol. 32 ›› Issue (07): 873-876.

• 论文 • 上一篇    

企业门户中基于令牌的角色访问控制模型

朱晓洁, 熊璋, 吴晶   

  1. 北京航空航天大学 计算机学院, 北京 100083
  • 收稿日期:2005-07-25 出版日期:2006-07-31 发布日期:2010-09-19
  • 作者简介:朱晓洁(1982-), 女, 湖南湘潭人, 硕士生, zhu xiaojie@hotmail.com.
  • 基金资助:

    国家高技术研究发展计划(863计划)资助项目(2002AA113070)

New model for token role-based access control on enterprise portal

Zhu Xiaojie, Xiong Zhang, Wu Jing   

  1. School of Computer Science and Technology, Beijing University of Aeronautics and Astronautics, Beijing 100083, China
  • Received:2005-07-25 Online:2006-07-31 Published:2010-09-19

摘要: 企业门户中用户和访问权限管理的研究是一项复杂且具挑战性的工作.传统的基于角色的访问控制模型(RBAC,Role-Based Access Control)在实现上通常受单一系统和应用的约束,因此提出了一种基于令牌的角色访问控制模型(TRBAC,Token Role-Based Access Control).该模型采用门户平台下的单点登录(SSO,Single Sign On)技术,将RBAC模型与令牌访问机制相结合,使角色能跨越门户平台下所有的Web应用.该模型是一个动态激活的模型,根据用户实际的访问需求动态激活相应角色,为用户管理和访问控制管理提供了一个新的解决方案.TRBAC模型具有统一的用户安全管理标准,支持集中审核和控制.实践表明,采用TRBAC 模型提高了系统的访问效率,保证了系统的安全性.

Abstract: Manage users and access rights are a complex and challengeable job in enterprise portal. Importing the role concept may simplify the access control, but its implementation is usually constrained by the single system and application. A new model,TRBAC(token role-based access control), was proposed for RBAC(role-based access control)on enterprise portal, which integrated the SSO(single sign on) technology and combined the RBAC model with token access mechanism. The role could span all web systems in portal. It was a token-based and dynamic-activated access control model, which could dynamically adjust the access rights according to user access requirement. It solved the problems on user management and access control management, and supported the corporate security standards, central auditing and control. The practice indicates that TRBAC improves the system efficiency and ensures the security.

中图分类号: 


版权所有 © 《北京航空航天大学学报》编辑部
通讯地址:北京市海淀区学院路37号 北京航空航天大学学报编辑部 邮编:100191 E-mail:jbuaa@buaa.edu.cn
本系统由北京玛格泰克科技发展有限公司设计开发