期刊文献+

一种改进的RBAC角色层次模型(英文) 被引量:2

An Improved Role Hierarchy Model for Role Based Access Control
下载PDF
导出
摘要 介绍一种基于角色的访问控制模型,分析了RBAC96中的角色层次模型和私有权限问题,并指出Sandhu's解决方案的不足.提出了一种改进的角色层次模型用于改善RBAC96,并提出一些新的概念,比如:公有权限、私有权限和继承范围.在新的角色层次模型中,上级角色从下级角色继承公有权限,但不继承私有权限.新的角色层次模型对相同的角色层次关系的描述比RBAC96更简单和易于理解,且适合应用于具有更多、更复杂的角色层次关系,比如:操作系统,DBMS,分布式应用等. In this paper,we introduce the role-based access control model, analyse the role hierarchy model and the problem of private permissions in RBAC96, and point out the disadvantage of Sandhu's solution. An improved role hierarchy model is introduced against the drawback of RBAC96;some new concepts such as public permission, private permission and scope of inheritance are presented in the model. In the role hierarchy model, the senior role inherits public permissions from junior role but not private permissions. Thus a new role hierarchy model is for mulated. It is simpler and more comprehensible to describe the same role relationships in the improved model than the RBAC96. It will be flexible and suitable in large-scale role hierarchies, such as operating systems, DBMS, distributed applications, etc.
作者 余敏 余文森
出处 《江西师范大学学报(自然科学版)》 CAS 2004年第1期11-14,共4页 Journal of Jiangxi Normal University(Natural Science Edition)
基金 江西省自然科学基金资助项目(0311036).
关键词 RBAC角色层次模型 私有权限 公有权限 访问控制模型 继承范围 程序设计 role hierarchy model private permission public permission role-based access control
  • 引文网络
  • 相关文献

参考文献1

二级参考文献6

  • 1[1]Sandhu R, Coyne E, Feinstein H, et al. Role-based access control model[J]. IEEE Computer, 1996,29(2):38-47. 被引量:1
  • 2[2]Sandhu R, Ferraiolo D, Kuhn R. The NIST model for role-based access control: Towards a unified standard[Z]. The Fifth ACM Workshop on Role-Based Access Control, Berlin, 2000. 被引量:1
  • 3[3]Sandhu R, Munawer Q. The ARBAC99 model for administration of roles[EB/OL]. http:∥www.list.gmu.edu/conference-papers.htm,2000-11-01/2001-03-08. 被引量:1
  • 4[4]Goh C, Baldwin A. Towards a more complete model of role[Z]. The Third ACM Workshop on Role-Based Access Control, Fairfax, VA, 1998. 被引量:1
  • 5[5]Moffett D, Lupu C. The uses of role hierarchies in access control[Z]. 4th ACM Workshop on RBAC, Fairfax, VA,1999. 被引量:1
  • 6[6]Osborn S, Sandhu R, Munawer Q. Configuring role-based access control to enforce mandatory and discretionary access control policies[J]. ACM Transactions on Information and System Security, 2000,3:85-106. 被引量:1

共引文献17

同被引文献3

引证文献2

二级引证文献5

;
使用帮助 返回顶部