摘要
使用控制(UCON)[1]是对访问控制的一种概述,它包含授权、职责、条件、连续性(正在进行的控制)和易变性。通常来说,访问控制只是对主体访问的目标资源进行授权,作为访问的结果并没有进行系统的分析研究。文章根据使用控制的需求,研究了一种ABC模型,该模型定义为使用控制的核心模型,并且说明了它是怎样包含了传统的访问控制,例如强制的、自主的、基于角色的访问控制。另外,也讨论了它的体系结构,引入了一种全新的对使用控制及其变化的监控方法。
The term usage control (UCON) iS a generalization of access control to cover obligations, conditions, continuity (ongoing controls) and mutability. Traditionally, access control has dealt only with authorization decisions on a subject's access to target resources, and as a consequence of access have not been systematically studied. In this paper, the need for usage control is motivated, a family of ABC models as a core model for usage control and show how it encompasses traditional access control, such as mandatory, discretionary and role- based access control. In addition, architectures is aIso discussed that introduce a new reference monitor for usage control and some variations.
出处
《计算机与数字工程》
2012年第7期84-86,共3页
Computer & Digital Engineering