期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

带属性策略的RBAC权限访问控制模型 被引量:21

RABC Permission Access Control Model with Attribute Policy
下载PDF
导出
摘要 传统基于角色的访问控制(RBAC)不能很好地解决多方访问控制下信任等级的细粒度区分.本文对多种角色访问控制模型及属性特征进行了研究,提出基于属性策略的RBAC模型,对模型进行了形式化定义.在基于属性策略的RBAC模型中,扩展了RBAC中角色的概念,对角色的属性进行了定义并提供基于属性策略的验证方式,进而给出了多方精确访问控制的实现,提高了访问控制的灵活性和对数据对象粒度控制的精确性.在云计算平台上,设计并实现了SaaS模式下的细粒度对象管理服务,实验验证了该模型对动态权限变化的适应能力及多方访问的权限控制能力. Fine-grained trust level distinction in multi-access control is not well resolved in traditional role-based access control (RBAC) model. In this paper, a variety of role-based access control models and attribute characteristics are deeply researched, and an attribute-policy-based RBAC model is proposed, then defined formally. Attribute-policy-based RBAC model extends the concept of RBAC roles, defines properties for roles and provides an attribute-policy-based authentication. The model gives the realization of precise and flexibility multi-access control and improves access control accuracy for fine-grained data objects. In cloud computing platform, a SaaS model of fine-grained object management services is designed and implemented. Experiment shows that the model is adaptive to changes in the dynamic permissions and has ability to control multi-access control.
作者 李唯冠 赵逢禹
机构地区 上海理工大学光电信息与计算机工程学院
出处 《小型微型计算机系统》 CSCD 北大核心 2013年第2期328-331,共4页 Journal of Chinese Computer Systems
基金 国家自然科学基金委员会与中国民用航空局联合资助项目(60979011)资助
关键词 基于角色的访问控制 细粒度访问控制 属性策略 对象授权 SAAS RBAC fine-grained access control attribute-policy object authorization SaaS
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献2

二级参考文献18

  • 1潘德锋,徐少平,梁庆中,吴信才.基于操作的MIS多级授权模型的实现[J].计算机应用,2003,23(z1):100-102. 被引量:17
  • 2SNYDER L. Formal models of capability-based protection systems [J]. IEEE Transactions on Computers, 1981,30(3) : 172 - 181.
  • 3FERRAIOLO D, KUHN R. Role-based access control[ C]// Proceedings of 15th National Computer Security Conference, Washington, DC: IEEE, 1992:554 -563.
  • 4OH S, PARK S. Task-Role-Based-Access-Control (TRBAC): An improved access control model for enterprise enviroment[C]//Database and Expert Systems Applications, LNCS 1873. Berlin: Springer, 2000:264-273.
  • 5SANDHU R, FERRAIOLO D, KUHN R. The NIST model for role based access control towards a unified standard[C] //Proceedings 5th ACM Workshop on Role Based Access Control. New York: ACM, 2000:47-63.
  • 6RAVI S, EDWARD C. Role-based access control models[J]. IEEE Computer, 1996, 29(2): 38 -47.
  • 7Yu Zheng,Dake He,Yu Wei-chi,Tang Xiao-hu.Trusted computing-based security architecture for 4G mobile networks,parallel and distributed computing[C].Applications and Technologies,2005,PDCAT 2005.Sixth International Conference on,251-255.
  • 8Ferraiolo D,Cugini J,Kuhn D R.Role based access control (RBAC):features and motivations[C].Proc.1995 Computer Security Applications Conference,December 1995:241-248.
  • 9Ferraiolo D,Sandhu R,Gavrila S,et al.A proposed standard for role based access control[J].ACM Transactions on Information and System Security.August,2001,4(3):224-274.
  • 10Ouyang Kai,Zhou Jing-li,Xia Tao,Yu Sheng-sheng.An application-layer based centralized information access control for VPN[J].Journal of Zhejiang University (SCIENCE A) Feb.2006,7(2):240-249.

共引文献18

同被引文献177

引证文献21

二级引证文献88

小型微型计算机系统
2013年 第2期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部