检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
作 者:欧阳昱[1]
机构地区:[1]北京理工大学信息科学技术学院计算机科学与工程系,北京100081
出 处:《计算机工程与应用》2005年第2期112-115,190,共5页Computer Engineering and Applications
基 金:国家"十五"科技攻关计划(编号:2001BA105A1006)
摘 要:访问控制是信息安全领域的重要问题之一;目前,基于角色的访问控制模型(RBAC)已被广泛接受,并成为领域专家学者研究的热点;职责分割(SoD)是RBAC的重要方面,它为增强高层次的组织安全策略提供了强大的机制,RBAC职责分割定义给出了各种职责分割约束的具体内容;针对不同的职责分割需求,各种基于角色的访问控制职责分割约束实现模型不断出现;根据应用系统的实际需求选择合适的访问控制模型必须了解各种模型的特点,该文通过分析RBAC中不同SoD模型的特点,指出其适用范围。Access control is an important content in the field of information security.At present ,the model of Role-Based Access Control(RBAC)has been widely accepted and has becoming the hotspot of related experts and scholars.Separation of Duty(SoD)is an important aspect of RBAC and is a powerful mechanism to enforce high-level security policy of an organization.The specific contents of constraints in each kind of SoDs are given by the definitions of SoDs in RBAC.Variant realization models of SoDs in RBAC have been emerged to satisfy different requirements on SoDs.To select a suitable access control model according to the real requirements in an application system,the advantages of each model must be carefully analysised.In this paper,the advantages of variant SoD models in RBAC are analysised and the suitable application fields of those models are pointed out.
分 类 号:TP311[自动化与计算机技术—计算机软件与理论]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.222
