摘要
随着网络应用的发展 ,应用对安全管理的需求逐步提高 .由于安全管理最终目的是实现对资源的安全使用 ,访问控制成为安全协议中的核心问题 .目前基于角色的访问控制 (RBAC)正在因为适应于广大的商业和政府应用的需要而逐渐为人们所重视 .另一方面 ,由于异构环境的存在和异构环境下实现互操作的需求 ,CORBA凭其广泛的支持力而成为中间件规范的公认标准 .本文基于〔6〕的分析之上 ,描述 CORBA对 RBAC的方便支持 ,但是现有的 CORBA中对角色的管理有诸多不足 ,对此本文提出基于 CORBA的 RBAC实现中角色的动态管理机制 ,给出了管理框架描述 ,从而使
With the development of internet/intranet applications, security administration becomes more and more important. One of key issues of security is access control since the ultimate goal of security administration is to ensure the safe access to resources. On the one hand, RBAC (Role Based Access Control) has received much attention because it well matched commercial and government application requirements. On the other hand, CORBA has become a worldwide industry standard for constructing distributed software systems due to its support for interoperability in heterogeneous environments. This paper describes how CORBA supports RBAC conveniently, and then gives an architecture for incorporating dynamic role management into CORBA based RBAC. The improved RBAC is proved to be better suited to the distributed heterogeneous environments.
出处
《小型微型计算机系统》
CSCD
北大核心
2001年第11期1359-1363,共5页
Journal of Chinese Computer Systems
基金
国家自然科学基金项目 (60 0 73 0 2 9
6980 3 0 0 5 )资助
