检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
出 处:《计算机工程与应用》2014年第23期100-103,107,共5页Computer Engineering and Applications
基 金:国家科技支撑计划(No.2012BAH19F003)
摘 要:针对在工作流环境中不具备相应资质和能力的用户可能通过其担任的角色获取任务,进而获得访问权限的问题,提出在任务分配之前进行属性约束。用户和任务都具有属性和相应的属性表达式,用户属性反映用户具备的资质和能力,任务属性反映任务对用户资质和能力的要求,只有对应的属性表达式满足策略规则时系统才向用户进行任务授权。实例分析表明,该方法能够防止不具备相应资质和能力的用户获取任务权限,消除安全隐患,实现更加细粒度的访问控制。In order to resolve the problem that users who lack of corresponding qualifications and ability in workflow environment might get access rights through its role, this paper presents attribute constraints before the tasks assignment. Users and tasks have certain attributes and corresponding attribute expressions, user attributes reflect their equipped apti-tude and ability and task attributes indicate its requirements to users in qualifications and ability. The system authorizes to users only when the corresponding rules are satisfied by attribute expressions. Case analysis shows this approach can pre-vent the users who lack of corresponding qualifications and ability to get the tasks so as to eliminate the safety hazards and achieve a more fine-grained access control.
分 类 号:TP301[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.31