摘要
基于角色的访问控制(RBAC)被普遍认为是当前最具有发展潜力的访问控制策略,已经成为信息安全等领域研究的热点之一。本文对典型RBAC模型进行了扩展,增加了对用户组、访问客体以及访问模式等概念的抽象。在有多用户参与以及多客体的大型分布式信息管理系统中该模型具有更好的可用性以及与现实世界更接近。
Role-based access control(RBAC) has been generally accepted as one of the most promising access control policies,and it has become a hot research topic in the area of information security.The paper expands the traditional role-based access control(RBAC) model.The new model adds the abstraction of user group,objects and access mode.The new model in large distributed information management system which has more users and more objects has stronger usability and is closer to real world than the traditional RBAC model.
出处
《网络安全技术与应用》
2011年第10期45-47,共3页
Network Security Technology & Application