摘要
针对传统RBAC模型的不足,在对文献中改进的模型进行了分析、研究的基础上,提出了增加约束策略和配置个性化操作界面的扩展模型——MC-RBAC,给出了模型的形式化定义,同时对该模型进行了设计实现,并在具体的信息系统开发中得以应用。实践表明,扩展后的模型能够实现操作和对象权限的细粒度控制,同时也实现了根据不同的角色自动配置不同功能的操作界面,提高了系统的安全性和配置的灵活性。
Aiming at the deficiencies of traditional RBAC model, on the basis of studying of the improved models in the literatures published, an improved model--MC-RBAC is proposed by adding constraint strategy and the configuration of personalized user interface. The formal definition of this model is given out, designed and implemented. This model is carried out by realizing fine-grained access control permission on the operations and objects and the different roles of different functional operation of automatic configuration interface. Finally, The feasibility of the model is validated by the practical application.
出处
《科技通报》
北大核心
2015年第9期136-139,共4页
Bulletin of Science and Technology
基金
江苏省自然科学基金(BK2008354)
南京交通职业技术学院科研基金(JY1108)