摘要
分析了授权操作的运算规律,定义了授权算子集及其运算规则,提出了小粒度分级授权机制的三层架构;同时,基于定义的算子,对操作权限进行了分类,定义了小粒度分级授权模型的固有规则,建立了实际操作和算子组合之间的映射模型,完成了授权业务操作的同步,建立了资源可拓、分级授权的小粒度授权模型,实现了复杂资源的小粒度分级授权。最后以产品文档管理系统的小粒度授权模块为实例,证明了研究内容的有效性。
This thesis analyses the operation rules of authorization, defines the authorization operations and these rules, defines a three-lies construction model for the reality of the system; based on the defined operations and rules, classifies the operating privileges, defines the inherent rules of the system, and constructs the mapping model between the reality operations and the logic operations, makes these correlative operations synchronous, builds an open and extended authorization system. At last, the thesis validates the practicality and effectiveness of the constructed system by the privilege management of product document management system.
出处
《计算机工程》
EI
CAS
CSCD
北大核心
2005年第13期81-83,共3页
Computer Engineering
基金
国家"863"计划基金资助项目(2003AA4144023)
广东自然科学基金团队项目(2003051)
关键词
复杂资源
粒度
分级授权
授权算子
授权规则
Complicated resource
Fine granularity
Multi-level authorization
Authorizing operation
Authorization rules
