首页 | 本学科首页   官方微博 | 高级检索  
     

一种对IRBAC2000模型的改进方法
引用本文:廖振松,金海,羌卫中. 一种对IRBAC2000模型的改进方法[J]. 华中科技大学学报(自然科学版), 2005, 33(Z1): 292-295
作者姓名:廖振松  金海  羌卫中
作者单位:华中科技大学,计算机科学与技术学院,湖北,武汉,430074
基金项目:国家自然科学基金重大专题资助项目(90412010)
摘    要:针对IRABC2000模型在安全方面的不足,在认真分析IRBAC2000模型的基础上,提出了一种新的改进方案,解决了因角色关联而引起的交叉和冲突.该方案去掉角色继承,改角色层次结构为目录结构,将角色的差异体现在角色-权限的映射,同时允许角色跨域关联,但拒绝角色传递,对改进后的模型进行了安全性和灵活性分析.实验表明,该改进方案具有较高的安全性和操控的灵活性.

关 键 词:基于角色的访问控制  IRBAC2000  角色继承  安全互操作
文章编号:1671-4512(2005)S1-0292-04
修稿时间:2005-08-25

An improved approach towards the model of IRBAC2000
Liao Zhensong,Jin Hai,Qiang Weizhong. An improved approach towards the model of IRBAC2000[J]. JOURNAL OF HUAZHONG UNIVERSITY OF SCIENCE AND TECHNOLOGY.NATURE SCIENCE, 2005, 33(Z1): 292-295
Authors:Liao Zhensong  Jin Hai  Qiang Weizhong
Affiliation:Liao Zhensong Jin Hai Qiang Weizhong Doctoral Candidate,College of Computer Sci.& Tech.,Huazhong Univ.of Sci.& Tech.,Wuhan 430074,China.
Abstract:According to the security pitfalls of IRBAC2000 model,an improved approach is proposed to deal with the problems of role intersection and role conflicts.The approach discards role hierarchy,changes it into the directory structure.The difference between roles appears on the map from role to privilege.Meanwhile,the improved approach allows roles to have an association across various secure domains,however,the role transitive is disallowed.This paper still gives a detailed analysis of the improved approach on security and feasibility.The experimental results show that the improved approach has a good practicability and operation flexibility.
Keywords:RBAC  IRBAC2000  role hierarchy  security interoperability  
本文献已被 CNKI 万方数据 等数据库收录!
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号