面向产品生命周期管理的多粒度访问控制模型  被引量:1

PLM-oriented multi-granular access control model

在线阅读下载全文

作  者:耿俊浩[1] 张振明[1] 田锡天[1] 张定华[2] 

机构地区:[1]西北工业大学CAPP与制造工程软件研究所,陕西西安710072 [2]西北工业大学现代设计与集成制造技术教育部重点实验室,陕西西安710072

出  处:《计算机集成制造系统》2008年第11期2119-2128,2133,共11页Computer Integrated Manufacturing Systems

基  金:国家863/CI MS主题资助项目(2007AA040503)~~

摘  要:为满足复杂应用环境下产品生命周期管理系统的访问控制需求,提出一种面向产品生命周期管理的多粒度访问控制模型。该模型通过完善基于角色的访问控制方法中访问主体的组成粒度和访问客体的层次粒度,引入访问客体生命周期粒度和许可分配控制粒度,在扩大基于角色的访问控制范围的同时,一定程度上降低了误授权率和公共许可的重复授权量,实现了对不同层次和生命周期状态的访问客体的精确控制,解决了临时授权、项目授权、委托授权等导致的许可一致性控制问题。最后,给出了该模型的形式化描述和许可一致性控制算法,并通过实例验证了该模型的有效性。To meet the access control requirements of Product IAfecycle Management (PLM) system in complicated application circumstances, PLM oriented Multi-granular Access Control (PLM MAC) model was proposed based on Role-Based Access Control (RBAC) standard. Access subject composition granularities and access object hierarchical granularities from RBAC model were improved in this model; access object lifecycle granularities and permission assignment control granularities were introduced into PLM MAC model. While the control scope of RBAC model was extended in PLM MAC, it reduced the probability of authorization mistakes and the quantity of repeated public authorization; it implemented the precise control for various access objects in all levels and all lifecycle states; and it resolved the permission coherence control induced by temporary authorization, project authorization and delegation authorization. At last, a formal description of PLM MAC model as well as an algorithm of permission consistency control were presented, and an application example was provided to verify the effectiveness of PLM MAC method.

关 键 词:访问控制 产品生命周期管理 粒度 基于角色的访问控制 

分 类 号:TP391.7[自动化与计算机技术—计算机应用技术]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象