摘要
针对传统基于角色的访问控制机制中授权方式单一的不足,提出一种基于信任相似度的RBAC访问控制机制。通过计算用户信任特征向量与标准特征向量之间的相似度估量用户的可信程度,而非传统方法中计算单个用户的信任值;根据相关的权限限制策略,对用户已分配的权限进行细粒度的限制;通过对仿真结果的分析,进一步确定系统中信任特征分配的合适数目。与传统RBAC机制相比,该机制具有细粒度控制、约束性强等优点。
To solve the problem of dull authorization method in traditional role based access control mechanism, a kind of RBAC access control mechanism based on the trust similarity was proposed. The users' confidence level was determined by calculating the similarity between users' trust feature vector and standard feature vector instead of calculating the trust value of single user in the traditional method. Fine-grained limits affected the users' allocated permissions according to relevant permission policies. The suitable number of trust features in the system was determined through the analysis of simulation. Compared with the tradi- tional RBAC mechanism, the proposed mechanism has the advantages of fine-grained limits and stronger constraints.
出处
《计算机工程与设计》
北大核心
2015年第8期2069-2073,共5页
Computer Engineering and Design
基金
山东省自然科学基金项目(ZR2011FM019)
