摘要
采用基于属性的访问控制模型思想,实现了分布式环境下的内部文档访问控制。采用F-Logic语言,描述了访问控制策略,具有良好的结构化知识的描述能力。采用FLORA-2作为逻辑推理引擎,具有更好的通用性。在统一的访问控制框架下,以具体应用为例,描述了基于属性的内部文档访问控制实现过程中的各个要素,包括属性描述、访问控制请求描述、策略描述。
Attribute based access control (ABAC) model is applied to solve the private file access control, which is in a distributed environment, applies F-Logic language, which is more suitable for the structured knowledge, to describe the elements of policy and applies FLORA-2, which has more generality, to work as a logic engine. In a uniform access control architecture, how to implement elements of attribute based private file access control is provided by using an example from a actual requirement, including attribute description, access control request description and Policy description.
出处
《计算机工程与设计》
CSCD
北大核心
2009年第5期1045-1047,1067,共4页
Computer Engineering and Design
基金
国家863高技术研究发展计划基金项目(2007AA01Z471)。
