检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
机构地区:[1]吉林大学计算机科学与技术学院,长春130012
出 处:《计算机工程》2015年第1期135-138,157,共5页Computer Engineering
基 金:吉林省科技发展计划基金资助项目(20090704)
摘 要:为提高数据库模型的安全性,同时满足用户对数据的合理化存储要求,对RBAC模型与MLR模型进行改进,构造一个结合RBAC模型与MLR模型的综合访问控制模型,使主体通过多级角色间接应用强制访问控制规则来访问客体。实验结果表明,该模型可实现系统中主体对客体的灵活管理,同时具备强制访问控制模型的高安全性。Lots of multi-level database models with individual advantage have appeared following the development of multi-level database security. People gradually begin to improve optimization of multilevel relation database model,put forward more secure,more manageable database multilevel security model,in order to meet the users' rationalization of data storage and keep the security of data. This paper proposes the idea that combined the RBAC access control model with the MAC mandatory access control model. It makes the system not only have the high security of the mandatory access control model and achieve the flexible management from the subject to object,improves the RBAC model and the MLR model of the MAC mandatory access control model,and combines them to construct an integrated access control model. Combined with the superiority of the two access model,the access control model achieves the subject applies the mandatory access control rules to access object by multilevel roles indirectly. By simulated data,the structure of security access control model based on role of multilevel relation is tested. The experiment proves that the comprehensive access control model has better flexibility,makes the model with the high security of mandatory access control model.
关 键 词:数据库安全 多级数据库模型 RBAC模型 MLR模型 访问控制模型 操作权限
分 类 号:TP311[自动化与计算机技术—计算机软件与理论]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.153
