检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
作 者:陈亚茹 Chen Yaru(Department of Information Engineering,Henan Industry and Trade Vocational College,Zhengzhou 450012)
机构地区:[1]河南工业贸易职业学院信息工程系,郑州450012
出 处:《信息安全研究》2021年第2期184-189,共6页Journal of Information Security Research
摘 要:针对非法用户越权访问公司内部数据引起的安全问题,提出了组合公钥(combined public key,CPK)和角色访问控制(role access control,RBAC)相结合的改进模型.通过保留RBAC96模型中继承约束关系的基础上,去除RBAC97模型中继承关系的复杂度,引入用户组概念.其中每个密钥代表不同的权限,同时对密钥赋予相应的用户.不同密钥保护不同的文档,不同用户分配不同的密钥,合法用户只有根据自己密钥权限才可以解密相应的文档,加强了访问控制模型的安全.通过测试结果证明,该方案在系统中运行正常,并验证了方案的可行性.For security problems caused by illegal users’unauthorized access to internal data of the company,an improved model of combined public key(CPK)and role access control(RBAC)is proposed.On the basis of preserving the inheritance constraint relationship in RBAC96 model,the complexity of the inheritance relationship in RBAC97 model is removed and the concept of user group is introduced.Introducing user groups and encrypting documents with keys,each of which represents different permissions,the key is also assigned to the corresponding user.Different keys protect different documents,different users assign different keys,legitimate users can only decrypt the corresponding documents according to their key permissions,strengthen the security of access control model.The test results show that the scheme works well in the system and the feasibility of the scheme is verified.
关 键 词:组合公钥 角色访问 密钥权限 权限控制 越权访问
分 类 号:TP309[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.91
