检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
机构地区:[1]同济大学CIMS研究中心
出 处:《计算机集成制造系统》2007年第11期2224-2228,共5页Computer Integrated Manufacturing Systems
基 金:上海市科技发展基金重大资助项目(04DZ11007)。~~
摘 要:针对工作流系统中监控权限划分粗糙的问题,提出了一个基于角色的访问控制方案。根据工作流执行原理和监控需求,将监控服务分为系统层和应用层,以监控对象、监控人、监控操作方法作为研究对象,给出了形式化描述和细粒度划分。在此基础上,提出了访问控制模型,描述了角色、用户和监控对象等各要素之间的关系,给出了授权方法、潜在规则和实例状态约束,保证了监控操作的合理性。基于以上理论和方案,在已有的项目平台上开发了流程监控子系统,满足了不同层次人员对监控权限的灵活需求。To solve the problem of coarse monitoring permission partition in workflow systems,a role-based access control security solution was put forward.According to workflow execution principles and monitoring requirements,monitoring server was divided into system layer and application layer.Monitoring object,monitor,operation were considered as analysis object,and formal description and fine granularity partition were provided.Based on these,a role-based access control model was proposed,and the relationships among role,user and monitoring object were described.In addition,authorization method,default rules and state-based constraints were given to guarantee monitoring operation security and rationality.Finally,based on the proposed theory and technologies,a workflow monitoring subsystem prototype was developed on an existing project platform.Practice proved that the subsystem could satisfy users' flexible requirements for monitoring permission.
分 类 号:TP311[自动化与计算机技术—计算机软件与理论]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:18.116.10.73
