期刊文献+

一种新型访问控制技术研究

Research on a New Access Control Model
下载PDF
导出
摘要 使用控制(UCON)[1]是对访问控制的一种概述,它包含授权、职责、条件、连续性(正在进行的控制)和易变性。通常来说,访问控制只是对主体访问的目标资源进行授权,作为访问的结果并没有进行系统的分析研究。文章根据使用控制的需求,研究了一种ABC模型,该模型定义为使用控制的核心模型,并且说明了它是怎样包含了传统的访问控制,例如强制的、自主的、基于角色的访问控制。另外,也讨论了它的体系结构,引入了一种全新的对使用控制及其变化的监控方法。 The term usage control (UCON) iS a generalization of access control to cover obligations, conditions, continuity (ongoing controls) and mutability. Traditionally, access control has dealt only with authorization decisions on a subject's access to target resources, and as a consequence of access have not been systematically studied. In this paper, the need for usage control is motivated, a family of ABC models as a core model for usage control and show how it encompasses traditional access control, such as mandatory, discretionary and role- based access control. In addition, architectures is aIso discussed that introduce a new reference monitor for usage control and some variations.
出处 《计算机与数字工程》 2012年第7期84-86,共3页 Computer & Digital Engineering
关键词 访问控制 使用控制 访问矩阵 ABC模型 access control usage control access matrix, ABCmodel
  • 相关文献

参考文献12

  • 1Park J, Sandhu R. The UCON usage control model[J]. ACM Transaction on Information and System Security, 2004, 7 ( 1 ) : 128-174.
  • 2D. Bell and L. LaPadula. Secure computer systems:Mathematical foundations and model[M]. MITRE Report, 1973,2 (2547).
  • 3John S. Erickson. Fair use, drm, and trusted computing [J]. Communications of the ACM, 2003,46 (4) : 34-39.
  • 4I M. H. Harrison, W. L. Ruzzo, and J. D. Ullman. Protection in operating systems[J]. Communications of the ACM, 1976, 19 (8) :461-471.
  • 5Security frameworks for open systems: Access control framework[M]. Technical Report ISO/IEC 10181-8, ISO, 1996.
  • 6Jaehong Park, Ravi Sandhu, James Schifalacqua. Security architectures for controlled digital information dissemination[C]//In Proceedings of 16th Annual Computer Security Application Conference, 2000.
  • 7Jaehong Park, Ravi Sandhu. Towards Usage Control Models: Beyond Traditional Access Control[C]//In Proceedings of 7th ACM Symposium on Access Control Models and Technologies, 2002.
  • 8Ravi Sandhu, Haehong Park. Usage control: a vision for next generation access control [ C]//Spring. VGorodetsky et al. (Eds) : MMM-ACNS 2003, LNCS 2776,2003 : 17-31.
  • 9ZHANG Xiwen, Pafisi-Presicce F, Sandhu R, et al. Formal mod el and policy specification of usage control ACM Transactions on Information and System Security[C]//(TISSEC), 2005,8 (4) :351-387.
  • 10Jaehong Park, Xiwen Zhang, Ravi Sandhu. Attribute Mutabili ty in Usage Control[C]//George Mason University, 2005.

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部