摘要
针对被动式的基于角色访问控制在企业环境中的应用,提出一种基于加密权限代码的访问控制方法,并利用加密技术,以提高权限数据的安全性.该方法不仅能非常简便地实现访问的控制,提高访问控制的执行效率,还能大大简化编程的复杂性,节约对访问控制功能的开发时间.结合信息系统开发实例,详细介绍该方法在被动式访问控制中的实现原理及其使用方法,并对该方法在主动式的基于任务访问控制中的应用进行探讨.
Aimed at the application of passive role-based access control in the enterprise circumstance, an access control method based on encryption authority code was put forward. Encrypting technique is also incorporated into this method to strengthen the security of data. With this method not only the access control could be simply implemented and its implementation efficiency improved, but the programming complexity could also be simplified, so that the development time of the access control functions would be saved a lot. The realization principle and utilization method of this method in passive role-based access control were elaborated with an example of information system development. And its application in active task-based access control was discussed also.
出处
《兰州理工大学学报》
CAS
北大核心
2008年第5期100-104,共5页
Journal of Lanzhou University of Technology
基金
"十一五"国家科技支撑计划项目(2006BAF01A21)
关键词
访问控制
信息管理系统
加密
代码
授权
access control
information management system
encryption
code
authorization
