检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
机构地区:[1]江苏大学计算机科学与通信工程学院,江苏镇江212013
出 处:《小型微型计算机系统》2009年第12期2348-2355,共8页Journal of Chinese Computer Systems
基 金:国家自然科学基金项目(60603041)资助;江苏省自然科学基金项目(BK206073)资助
摘 要:支持空间特性的RBAC模型描述了多种空间约束,这些空间约束不但表达了位置感知系统中细粒度空间语义,而且给模型增加了空间安全描述能力.能否准确实施空间约束直接影响应用系统功能和开销.本文研究空间职责分离(SSoD)约束的两种实施策略:(1)直接实施(2)间接实施.证明了直接实施是一个NP完全问题,而通过互斥空间角色(MESR)约束间接实施SSoD是有效的.多个MESR约束可以实施同一个SSoD,在比较后发现,当使用最小MESR约束作为实施机制时,能有效避免冗余约束准确实施该SSoD.为获得最小MESR约束本文给出了GEN-MESR算法.RBAC model with spatial characteristics allows express various role-based constraints with spatial characteristics for not only specify fine-grained spatial semantics that are typical in location-aware systems but also strengthen the security capability. In this paper, we study enforcement of spatial Separation of Duty ( SSoD) constraints. We show that direcdy enforcing SSoD constraints is intractable ( coNP-complete), while checking whether a system state satisfies a set of Mutually Exclusive Spatial Role ( MESR ) constraints is efficient. So MESR constraints are used to enforce SSoD constraints. There are often multiple MFSR constraints that can enforce the same SSoD. Although the different MESR constraints can enforce the same effect on the same session, we have found that different MESR constraints are varying greatly in the enforcement efficiency. The more precise the MESR sets are defined for enforcing an SSoD constraint, the less overhead the system is suffered. By comparing the different MESR constraints which can enforce the same SSoD, we conclude the minimal MESR constraints can avoid redundant restrictiveness effectively and enforce the SSoD policy precisely. We also present an algorithm that generates all minimal MESR constraints that are precise for enforcing one SSoD policy.
关 键 词:空间约束 实施策略 空间职责分离约束 空间互斥角色约束
分 类 号:TP309[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.3
