
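Three security principles for role-based access control
Cite this article: Han Lansheng, Hong Fan, Luo Ting. Three security principles for role-based access control[J]. Journal of Huazhong University of Science and Technology (Natural Science Edition), 2006, 34(1): 36-38.
Authors: Han Lansheng  Hong Fan  Luo Ting
Affiliation: School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan, Hubei 430074
Abstract: The main concepts of RBAC are defined and the necessary formal descriptions of the main relations are given. Unlike the typical definition of RBAC, the role, the core concept of RBAC, is defined as a 4-tuple that includes tasks, and tasks are then proposed as the basis for analyzing and implementing an RBAC system. The concepts of the action closure and the data closure of a task within a role are proposed; they are defined respectively as the minimal action set and the minimal data set needed to complete a given task within the role. Because a privilege is defined as a binary relation from the action set to the data set, intersecting the 2-tuples formed from the role's action closure and data closure with the privilege set given by the system yields the role's least privilege set. It is proposed that mutually exclusive privileges come from mutually exclusive tasks: the concept of mutually exclusive tasks is defined, and the privileges formed by the actions and data that complete mutually exclusive tasks are the mutually exclusive privileges. On the basis of the action closure and data closure of the tasks within roles, the delimitation of mutually exclusive privileges and the properties of their transitivity are given. This also avoids, as far as possible, the situation in which mutually exclusive privileges are enlarged because of their transitivity.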

Keywords: role-based access control  least privilege  mutually exclusive privileges
Article ID: 1671-4512(2006)01-0036-03
Received: December 16, 2004
Revised: December 16, 2004

Three security principles for role-based access control
Han Lansheng, Hong Fan, Luo Ting. Three security principles for role-based access control[J]. JOURNAL OF HUAZHONG UNIVERSITY OF SCIENCE AND TECHNOLOGY. NATURE SCIENCE, 2006, 34(1): 36-38.
Authors:Han Lansheng  Hong Fan  Luo Ting
Abstract: The main concepts of RBAC and its main relations were described. Unlike the typical definition of RBAC, the core concept of RBAC, the role, was defined as a 4-tuple with tasks. It was pointed out that the task is the basis for analyzing an RBAC system. The concepts of action closure and data closure in the tasks of roles were first proposed. They were respectively defined as the smallest action set and the smallest data set for completing tasks in roles. As a privilege is defined as a binary relation from the action set to the data set, the 2-tuple set formed by the action closure and the data closure was intersected with the privilege set of the system. On the basis of this intersection, the least privilege set of the role was obtained. The paper presented the concept that mutually exclusive privileges come from mutually exclusive tasks. Mutually exclusive tasks were defined, and their privileges are formed by the actions and data for completing the mutually exclusive tasks. The definition of mutually exclusive privileges and the property of their transmission were put forward in accordance with the action closure and data closure of the tasks in roles. This can avoid the possibility of mutually exclusive privileges being enlarged.
Keywords:role-based access control(RBAC)  least privileges  mutually exclusive privileges  
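
The construction in the abstract can be turned into a role audit. The sketch below is an added example, not code from the paper. The privilege set, the task names and their closures are constructed sample data; taking the union over a role's tasks and leaving shared privileges out of the exclusive pairing are assumptions, since the abstract does not give the formal definitions.

```python
from itertools import product

# Constructed sample data (not from the paper): the system privilege set,
# a binary relation from actions to data objects.
SYSTEM_PRIVS = {
    ("read", "invoice"), ("create", "invoice"), ("approve", "invoice"),
    ("read", "ledger"), ("post", "ledger"), ("read", "payroll"),
}

# Each task maps to (action closure, data closure): the smallest action and
# data sets needed to complete it. Values are constructed for illustration.
TASKS = {
    "prepare_invoice": ({"read", "create"}, {"invoice"}),
    "approve_invoice": ({"read", "approve"}, {"invoice"}),
    "reconcile": ({"read", "post"}, {"ledger", "invoice"}),
}
EXCLUSIVE_TASKS = [("prepare_invoice", "approve_invoice")]


def task_privileges(task):
    """(action closure x data closure) intersected with the system privileges."""
    actions, data = TASKS[task]
    return set(product(actions, data)) & SYSTEM_PRIVS


def least_privileges(role_tasks):
    """Least privilege set of a role. Assumption: union over its tasks."""
    return set().union(*(task_privileges(t) for t in role_tasks))


def exclusive_privilege_pairs():
    """Privilege pairs that are mutually exclusive because their tasks are.
    Assumption: a privilege needed by both tasks is left out of the pairing,
    so the exclusion does not spread to privileges both tasks share."""
    pairs = set()
    for t1, t2 in EXCLUSIVE_TASKS:
        p1, p2 = task_privileges(t1), task_privileges(t2)
        pairs |= set(product(p1 - p2, p2 - p1))
    return pairs


def audit_role(role_tasks, granted):
    """Return (grants beyond least privilege, exclusive pairs the role holds)."""
    excess = granted - least_privileges(role_tasks)
    held = {(p, q) for p, q in exclusive_privilege_pairs()
            if p in granted and q in granted}
    return excess, held
```

The `reconcile` task shows why the intersection matters: its closure product contains `("post", "invoice")`, which the system does not define as a privilege, so it never enters the role's least privilege set.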
This article is indexed in CNKI, VIP, Wanfang Data and other databases.