| 具有时间约束的动态角色的访问控制策略 |
| |
| 引用本文: | 向华萍,付智辉,陈红丽.具有时间约束的动态角色的访问控制策略[J].河北科技大学学报,2010,31(6):558-563. |
| |
| 作者姓名: | 向华萍 付智辉 陈红丽 |
| |
| 作者单位: | [1]华东交通大学软件学院,江西南昌330013 [2]华东交通大学电气与电子工程学院,江西南昌330013 |
| |
| 基金项目: | 江西省自然科学基金,江西省科技支撑计划重点资助项目,华东交通大学校立基金 |
| |
| 摘 要: | 基于角色的访问控制(RBAC)的规范性和易管理性使其被业界普遍接受并广泛应用,但因缺乏时间约束和动态调整权限状态能力,不能很好地满足时间敏感活动的安全需求。针对RBAC的不足,提出一个具有时间约束的动态角色访问控制模型,详细描述了时间系统、时间约束指派的相关定义和函数,分析了系统中权限的4种状态以及权限状态转化问题;为了保证权限状态更新的效率及权限状态的有效性,设计了计算权限状态转化的最短时间的相应算法。
|
| 关 键 词: | 时间约束 权限状态 最短时间 角色的访问控制 |
| 收稿时间: | 2010/4/16 0:00:00 |
Dynamic time-constrained and role-based access control strategy |
| |
| XIANG Hua-ping,FU Zhi-hui and CHEN Hong-li.Dynamic time-constrained and role-based access control strategy[J].Journal of Hebei University of Science and Technology,2010,31(6):558-563. |
| |
| Authors: | XIANG Hua-ping FU Zhi-hui and CHEN Hong-li |
| |
| Institution: | 1.School of Software,East China Jiaotong University,Nanchang Jiangxi 330013,China;2.School of Electronics and Electrical Engineering,East China Jiaotong University,Nanchang Jiangxi 330013,China) |
| |
| Abstract: | Because of its specification and easy administration,role-based access control(RBAC)has been generally accepted and widely used,but it can't fully meet the security needs of time-sensitive activities for its lack of time constraints and dynamic adjustment permission states.For RBAC's shortcomings,a dynamic time-constrained and role-based access control model(DTC-RBAC)is presented.In DTC-RBAC model,we formally define the concepts and functions about time system and time constraints assignments.Furthermore,we analyze four states of permission and permission states transformation,and design an algorithm for calculating the shortest-time of permission states transformation to ensure validity of permission states and efficiency of permission states update. |
| |
| Keywords: | time constraints permission states shortest-time role-based access control |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《河北科技大学学报》浏览原始摘要信息 |
| 点击此处可从《河北科技大学学报》下载免费的PDF全文 |
|
