期刊文献+

一种采用RBAC模型的权限体系设计 被引量:9

Competence System Based on RBAC Design and Implementation
下载PDF
导出
摘要 为了使基于角色的访问控制(RBAC)模型在权限体系中的实现程序简化,在比较分析访问控制三种主流技术——自主访问控制、强制访问控制、基于角色的访问控制的基础上,着重研究了基于角色访问控制的权限体系的模型,在基于关系数据库的权限体系的基础上,加入了用户组、菜单、菜单项等角色,提出了一套简化的基于RBAC的权限体系。最后,给出了基于RBAC模型权限体系的简化模型的实现类图,简化了权限系统中的认证和授权管理。 To simplify the realization procedures of the role based access control (RBAC) model in authority system, after comparing three prevalent access control technologies- discretionary access control (DAC), mandatory access control (MAC)and the rolebased access control,the RBAC authority system model is studied in detail. The authority system designs the concept model based on the relational database of the RBAC, adds the user group, menu, menu items and so on, a simplified authority system based on the RBAC is given. Finally, gives the simplified model graphs based on the authority system of the RBAC model so that authentication and authorization man- agement are simplified.
出处 《计算机技术与发展》 2009年第9期154-156,163,共4页 Computer Technology and Development
基金 国家教育部科技计划项目(教技司[2005]105116)
关键词 基于角色的访问控制 数据库 访问控制 权限体系 role based access control database access control authority system
  • 相关文献

参考文献9

二级参考文献27

  • 1夏志雄,张曙光.RBAC在基于Web管理信息系统中的应用[J].计算机应用研究,2004,21(7):198-199. 被引量:20
  • 2钟华,冯玉琳,姜洪安.扩充角色层次关系模型及其应用[J].软件学报,2000,11(6):779-784. 被引量:91
  • 3邹晓.基于角色的访问控制模型分析与实现[J].微计算机信息,2006,22(06X):108-110. 被引量:21
  • 4Thomas R K, Sandhu R S. Toward a task- based paradigm for flexible and adaptable access control in distributed applications[A]. In: Proc of 1992-1993 ACM SIGSAC New Security Paradigms Workshops[C]. NY: [s. n.], 1993. 138-142.
  • 5Sandhu R S, Conyne E J, Lfeinstein H, et al. Role-Based Access control Model[J]. IEEE Computer, 1996, 29(2):38-47.
  • 6Kandala S, Sandhu R. Secure Role- Based Workflow Models[A]. In: Proceedings of the 15th IFIP WG 11.3 Working Conference on Database Security [C]. Niagara, Ontario,Canada:[s.n.], 2002.45-58.
  • 7Oh S, Sandhu R. A Model for Role Administration Using Organization Structure [A]. In: Seventh ACM Symposium on Access Control Models and Technologies(SACMAT'02)[C].Monterey, California, USA: [s. n.],2002. 155-162.
  • 8Simon Brown, Robert Burdick, Jayson Falkner. Professional JSP(2nd Edition) [M].
  • 9[美]Art Taylor,Randy Layman,Brian Buege.J2EE&Java黑客大曝光—开发安全的Java应用[M].张伟,张华平,等.北京:清华大学出版社,2003.
  • 10徐晓迎.Java安全性编程实例[M].北京:清华大学出版社,2003.112—256.

共引文献33

同被引文献75

引证文献9

二级引证文献45

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部