|
|||||
|
|
| 角色访问控制技术在管理信息系统中的应用 | |
| 引用本文: | 李健,唐文忠,宋长福.角色访问控制技术在管理信息系统中的应用[J].北京航空航天大学学报,2003,29(6):534-538. |
| 作者姓名: | 李健 唐文忠 宋长福 |
| 作者单位: | 1. 北京航空航天大学 机械工程及自动化学院; 2. 北京航空航天大学 计算机科学与工程系; 3. 中国人才研究中心 |
| 摘 要: | 基于角色的访问控制作为一种安全机制,已引起人们越来越多的关注.介绍了传统的自主访问控制模型和强制访问控制模型并分析了他们的特点,提出了一种基于RBAC2(Role Based Access Contrd 2)模型之上的新的访问控制模型,该模型兼顾了RBAC2模型的优点,并扩展了RBAC2模型中对于个体权限的修改能力,应用于实际的管理信息系统中的事实证明了该模型是可行的.讨论了权限的分级管理. |
| 关 键 词: | 管理信息系统 资源 矩阵 自主访问控制 强制访问控制 角色 |
| 文章编号: | 1001-5965(2003)06-0534-05 |
| 收稿时间: | 2002-04-09 |
| 修稿时间: | 2002年4月9日 |
Application of Role-Based Access Control in Management Information System |
|
| Li Jian.Application of Role-Based Access Control in Management Information System[J].Journal of Beijing University of Aeronautics and Astronautics,2003,29(6):534-538. | |
| Authors: | Li Jian |
| Institution: | 1. School of Mechanical Engineering and Automation, Beijing University of Aeronautics and Astronautics; 2. Dept. of Computer Science and Engineering, Beijing University of Aeronautics and Astronautics; 3. China Talent Research & Development Center |
| Abstract: | Role based access control was being paid more and more attention as a security mechanism. Traditional access control policies, including discretionary access control (DAC) as well as mandatory access control (MAC), were first briefly introduced. An access control model based on RBAC2 was provided, which not only inherited the advantage of RBAC2, but also extended the ability of modifying individual permissions. An example application of the model is presented as a proof of its availability. The distributed management for permissions was discussed. |
| Keywords: | management information system resources matrices discretionary access control Mandatory access control role |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! | |
| 点击此处可从《北京航空航天大学学报》浏览原始摘要信息 | |
| 点击此处可从《北京航空航天大学学报》下载免费的PDF全文 | |