摘要
随着分布式计算的不断发展,传统的基于角色的安全性(RBAC)模型已无法满足分布式安全的要求,该文根据微软的代码访问安全性,归纳出基于证据的代码访问控制(EBCAC)模型和它的一种形式化描述,该模型能实现对系统更低层次的访问控制;提出了一种改进的基于证据的代码访问控制系统设计方案,给出了防止引诱攻击的实例。
With the development of the distributed computing, traditional role-based access control model doesn't meet the demand of distributed computing security any more. An evidence-based code access control(EBCAC) model, which can provide the lower access control of system security, is generalized from code access control of Microsoft in this paper. It gives a formalized description and describes an improved system architecture based on it. It also discusses how to implement and gives an instance of EBCAC model.
出处
《计算机工程》
CAS
CSCD
北大核心
2007年第13期161-163,167,共4页
Computer Engineering
关键词
分布式网络安全
访问控制
引诱攻击
distributed network security
access control
luring attack
