|
|||||
|
|
| 主动授权管理中的关联继承机制 | |
| 引用本文: | 翟治年,奚建清,卢亚辉,汤德佑,郭玉彬,韦凯.主动授权管理中的关联继承机制[J].西安交通大学学报,2012,46(4):24-31. |
| 作者姓名: | 翟治年 奚建清 卢亚辉 汤德佑 郭玉彬 韦凯 |
| 作者单位: | 1. 华南理工大学计算机科学与工程学院,510006,广州 2. 深圳大学计算机与软件学院,518062,广东深圳 3. 华南农业大学信息学院,510640,广州 |
| 基金项目: | 国家自然科学基金资助项目(60903114,60973100);广东省自然科学基金资助项目(10351806001000000);粤港关键领域重点突破资助项目(2006B80407001);广东省教育部产学研结合计划资助项目(2008B090500193);深圳市科技计划基础研究资助项目(JC201005280402A,JC200903120046A);中央高校基本科研业务费专项资金资助项目(2009ZM0162) |
| 摘 要: | 为解决主动授权管理模型中普遍和长期存在的任务间重复授权问题,提高工作流授权的伸缩性,提出一种基于职能关联的权限继承机制.通过对传统的角色任务指派关系进行深入挖掘,定义了职能关联概念及其特化与管理关系;根据职能关联的分量和属性给出了2种关系的推导规则,并按2种关系上的继承性区分业务性和管理性授权,从而建立了可自动配置的授权继承结构.论文评审工作流上的验证结果表明,较之现有各类模型,文中提出的模型以10%以下的额外手工操作减少了53%以上的授权操作,较好地克服了任务间重复授权这一缺陷,取得了明显的授权伸缩性优势.同时,该模型还提供对任务内多角色协作的支持. |
| 关 键 词: | 访问控制 授权 工作流 任务 角色 伸缩性 继承 |
Association Inheritance Mechanism in Active Authorization Management |
|
| ZHAI Zhinian , XI Jianqing , LU Yahui , TANG Deyou , GUO Yubin , WEI Kai.Association Inheritance Mechanism in Active Authorization Management[J].Journal of Xi'an Jiaotong University,2012,46(4):24-31. | |
| Authors: | ZHAI Zhinian XI Jianqing LU Yahui TANG Deyou GUO Yubin WEI Kai |
| Institution: | 1(1.School of Computer Science and Engineering, South China University of Technology,Guangzhou 510006,China; 2.School of Computer and Software,Shenzhen University,Shenzhen,Guangdong 518062,China; 3.College of Informatics,South China Agriculture University,Guangzhou 510640,China) |
| Abstract: | A permission inheritance mechanism based on function associations is proposed to address the widespread and long-stand issue of repetitive authorizations among tasks in active authorization management models and to enhance the authorization scalability in workflow systems.The definition of function association with specialization and management relations is given by analyzing the traditional relation of role-task assignment.Inference rules about the two relations on function associations are obtained from the components and attributes of function associations,then authorizations are divided into two types of business and management based on the inheritance on the two relations.Thus auto-configurable authorization inheritance structures are established.Comparisons with existing models for a paper review workflow show that authorization operations are reduced by more than 53% with only 10% or less extra manual operations.Therefore,repetitive authorizations among tasks are effectively reduced,and distinct superiority in authorization scalability is achieved.Meanwhile,the collaboration of multiple roles within a task can be supported. |
| Keywords: | access control authorization workflow task role scalability inheritance |
| 本文献已被 CNKI 万方数据 等数据库收录! | |