期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

具有时空约束的角色访问控制模型 被引量:5

Role-based access control model with spatio-temporal constraint
下载PDF
导出
摘要 信息技术的高度发展对信息安全提出了新的挑战,经典的基于角色的访问控制(RBAC)中缺乏对时间和空间的约束,使RBAC模型不能适应信息系统新的安全需求。在RBAC的基础上,引入了时空域的定义,对模型中各要素进行了时间和空间约束,提出了具有时空约束的角色访问控制模型(TSRBAC)。形式化地描述了TSRBAC,并定义了时空角色继承和时空职责分离,给出了时空访问控制算法。 The highly development of information technology has brought new challenges to information security.Because of the lack of time and space constraints,traditional RBAC model cann't meet the new requirements of information system.On the basis of RBAC,the definition of spatio-temporal domain is introduced,each element of the model is constrained with time and space, and the spatio-temporal role based access control model(TSRBAC) is proposed.In this paper,TSRBAC is described formally, spatio-temporal role hierarchy and spatiotemporal separation of duty are defined.The spatio-temporal access control algorithm has also been given.
作者 安小明 王小明 王巧玲
机构地区 陕西师范大学计算机科学学院 陕西师范大学智能信息处理与信息安全研究所
出处 《计算机工程与应用》 CSCD 北大核心 2010年第7期89-92,共4页 Computer Engineering and Applications
基金 国家自然科学基金No.60773224 教育部科学研究重点项目No.107106 陕西省自然科学基金No.2006F27~~
关键词 角色访问控制 时空域 时空约束 时空职责分离 role-based access control spatio-temporal domain spatio-temporal constraint spatio-temporal separation of duty
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献9

  • 1Sandhu R S,Coyne E J,Feinstein H L,et al.Role-based access control models[J].Computer, 1996,29(2) : 38-47. 被引量:1
  • 2Bertino E,Bonatti P A,Ferrari E.TRBAC:a temporal role-based access control model[J].ACM Transactions on Information and System Security, 2001,4 ( 3 ) : 191-223. 被引量:1
  • 3Damiani M L,Bertino E,Catania B,et al.GEO-RBAC:a spatially aware RBAC[C]//Proc of the Tenth ACM Symposium on Access Control Models and Technologies,Stockholm,Sweden,2005:29-37. 被引量:1
  • 4黄建,卿斯汉,温红子.带时间特性的角色访问控制[J].软件学报,2003,14(11):1944-1954. 被引量:73
  • 5王小明,赵宗涛.基于角色的时态对象存取控制模型[J].电子学报,2005,33(9):1634-1638. 被引量:18
  • 6Chae S H,Kim W,Kim D K.uT-RBAC:ubiquitous role-based access control model[J].Information and Communication Engineers,2006, E89-A( 1 ) : 238-239. 被引量:1
  • 7Fu S,Xu C Z.A coordinated spatio-temporal access control model for mobile computing in coalition environments[C]//Proc of the 19th IEEE International Parallel and Distributed Processing Symposium, Denver, CA, 2005. 被引量:1
  • 8徐洪学,郭秀英,刘永贤.基于RBAC的具有时空约束的工作流授权模型[J].东北大学学报(自然科学版),2006,27(2):217-220. 被引量:6
  • 9Li N H,Bizri Z,Tripunitara M V.On mutually-exclusive roles and separation of duty[C]//Proc of the 11th ACM Conference on Computer and Communications Security.Washington DC,New York: ACM Press,2004:42-51. 被引量:1

二级参考文献25

  • 1邢光林,洪帆.一个基于RBAC的工作流授权模型[J].小型微型计算机系统,2005,26(3):544-547. 被引量:6
  • 2Sandhu R S,Coyne E J,Feinstein H L.Role-based access control models[J].IEEE Computer,1996,39(2):38-47. 被引量:1
  • 3Atluri V,Huang W K.Enforcing mandatory and discretionary security in workflow management systems[J].Journal of Computer Security,1997,5(4):303-339. 被引量:1
  • 4Adam N R,Atluri V,Huang W K.Modeling and analysis of workflows using petri nets[J].Journal of Intelligent Information Systems,1998,10(2):131-158. 被引量:1
  • 5Ahn G J.Injecting RBAC to secure a web-based workflow system[A].In Proceeding of Fifth ACM Workshop on Role-Based Access Control[C].Berlin:ACM,2000.26-28. 被引量:1
  • 6Atluri V,Huang W K,Bertino E.A semantic based execution model for multilevel secure workflows[J].Journal of Computer Security,2000,8(1):3-41. 被引量:1
  • 7Atluri V,Huang W K.A petri net based safety analysis of workflow authorization models[J].Journal of Computer Security,2000,8(2):83-94. 被引量:1
  • 8Kandala S,Sandhu R S.Secure role-based workflow models[EB/OL].http:∥www.list.gmu.edu/confrnc/ifip/i01-rbwm.pdf,2001-10-31. 被引量:1
  • 9Wu S L,Sheth A,Miller J,et al.Authorization and access control of application data in workflow system[J].Journal of Intelligent Information System,2002,18(1):71-94. 被引量:1
  • 10Atluri V.Security for workflow systems[EB/OL].http:∥cimic.rutgers.edu/~atluri/workflow.pdf,2003-02-05. 被引量:1

共引文献93

同被引文献36

  • 1谭毓安,王佐,曹元大.RSA数字签名算法在软件加密中的应用[J].计算机系统应用,2004,13(8):33-35. 被引量:6
  • 2lnformation Technology Industry Council (ITI) "American National Standard for Information Technology -Role Based Access Control(draft)". April 2003. 被引量:1
  • 3D. Ferraiolo, R. Sandhu, S. Gavrila, D.R. Kuhn, R. Chandramouli, "A Proposed Standard for Role Based Access Control" ACM Transactions on Information and System Security , vol. 4, no. 3 (August, 2001) - draf~ of a consensus standard for RBAC. 被引量:1
  • 4Struts-menu源码分析[EB/OL].http://www.raibledesigns.com/struts-menu.2006-9-10. 被引量:2
  • 5Ferraiolo D F, Barkley J F, Kuhn D R.A role based access control model and reference implementation within a corporate intranet[J].ACM Transactions on Information and System Security,1999,2( 1):47-68. 被引量:1
  • 6Sandhu R, Coyne E J, Feinstein H L, et al.Role-based access control models[J].IEEE Computer, 1996, 29(2): 38-47. 被引量:1
  • 7Epstein P, Sandhu R.Towards a UML based approach to role engineering[C]//Proceedings of the 4th ACM Work- shop on Role-Based Access Control,Fairfax, 1999. 被引量:1
  • 8Youman C, Coyne E, Sandhu R.Proceedings of the 3rd ACM Workshop on Role-Based Access Control[C].[S.l.]: ACM, 1998:555-557. 被引量:1
  • 9Ferraiolo D F, Sandhu R, Gavrila S, et al.Proposed NIST standard for role-based access control[J].ACM Transac- tions on Information and System Security,2001,43 (3) : 224-274. 被引量:1
  • 10陈雄华.Acegi框架介绍[EB/OL].程序员大本营.(2007)http://blog.csdn.net/bio_go/archive/2008/07/28/2723350.aspx/. 被引量:1

引证文献5

二级引证文献4

计算机工程与应用
2010年 第7期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部