| 在RBAC模型中"责权分离约束"的冲突检测与消解 |
| |
| 引用本文: | 崔中杰,胡昌振.在RBAC模型中"责权分离约束"的冲突检测与消解[J].科技导报(北京),2005,23(12):40-43. |
| |
| 作者姓名: | 崔中杰 胡昌振 |
| |
| 作者单位: | 北京理工大学信息安全与对抗技术研究中心,北京,100081;北京理工大学机电工程学院,北京,100081;北京理工大学信息安全与对抗技术研究中心,北京,100081;北京理工大学机电工程学院,北京,100081 |
| |
| 摘 要: | 详细论述了责权分离约束在基于角色的访问控制(RBAC)中的冲突检测与解决方案.研究了该约束在“权限-角色授权”(PRA)、“权限-主体授权”(PSA)、“角色-主体授权”(RSA)、“角色-角色授权”(RRA)等各类授权关系中的典型示例,并结合数学中的有向图理论给出冲突检测的算法分析,为实际应用奠定了基础.此外,还对冲突产生后的消解方法进行了深入讨论,总结出多种方案并进行仿真比较,根据实验结果给出一套优化后的解决途径.
|
| 关 键 词: | 责权分离 冲突检测 冲突消解 有向无环图 角色分层 |
| 文章编号: | 1000-7857(2005)12-0040-04 |
| 收稿时间: | 2005-10-20 |
| 修稿时间: | 2005年10月20 |
Conflict Checking and Solving of Separation of Duty Constraints in RBAC |
| |
| CUI Zhong-jie, HU Chang-Zhen.Conflict Checking and Solving of Separation of Duty Constraints in RBAC[J].Science & Technology Review,2005,23(12):40-43. |
| |
| Authors: | CUI Zhong-jie HU Chang-Zhen |
| |
| Institution: | 1. Information Security and Confrontation Technology Research Center, Beijing Institute of Technology, Beijing 100081, China; 2. School of Mechatronic Engineering, Beijing Institute of Technology, Beijing 100081, China |
| |
| Abstract: | The conflict checking and solving of separation of duty constraints were particularly discussed in RBAC we researched these constraints' typical examples in authorization relations of the permission-to-role assignment (PRA), the permission-to subject assignment (PSA), the role-to-subject assignment (RSA), and the definition of a role hierarchy (role-to-role assignment, RRA). The arithmetic analysis of conflict checking which links with the theory of directed acycline graph (DAG) was provided. It will be a basis for practicall application. Furthermore, the conflict solving was further discussed in the paper. Several schemes are summarized and achieved imitating experiment. Subsequently, we provided an optimized solving method for the further work. |
| |
| Keywords: | separation of duty conflict checking conflict solving directed acycline graph role hierarchy |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
