| 一种基于属性证书的分布式访问控制模型 |
| |
| 引用本文: | 张可翔 谢冬青 冷健. 一种基于属性证书的分布式访问控制模型[J]. 科学技术与工程, 2006, 6(15): 2378-2380 |
| |
| 作者姓名: | 张可翔 谢冬青 冷健 |
| |
| 作者单位: | 湖南大学计算机与通信学院,长沙,410082;湖南大学计算机与通信学院,长沙,410082;湖南大学计算机与通信学院,长沙,410082 |
| |
| 基金项目: | 国家自然科学基金(60373085)资助 |
| |
| 摘 要: | 在分布式环境中通常需要协同合作和共享资源,RBAC是安全系统中保护资源的有效手段之一。基于对面向对象RBAC模型的分析,引入PMI属性证书,提出一种面向对象的分布式多域访问控制模型AC-ORBAC,给出形式化描述,该模型通过属性证书实现角色授权访问控制,使对访问控制的管理更为灵活高效,并对职责分离和域问访问进行了讨论。结合PKI.给出了一个实现原型。
|
| 关 键 词: | 面向对象 属性证书 多域 职责分离 |
| 文章编号: | 1671-1815(2006)15-2378-03 |
| 收稿时间: | 2006-03-31 |
| 修稿时间: | 2006-03-31 |
Implement Multi-domain Role-based Access Control via Attribute Certificate |
| |
| ZHANG Kexiang,XIE Dongqing,LENG Jian. Implement Multi-domain Role-based Access Control via Attribute Certificate[J]. Science Technology and Engineering, 2006, 6(15): 2378-2380 |
| |
| Authors: | ZHANG Kexiang XIE Dongqing LENG Jian |
| |
| Abstract: | In the distributed environment, users would like to communicate with each other and share resources. Role-based access control is one of the effective means to protect resources in a security system. Based on analyzing the object-oriented RBAC model, and introducing PMI attribute certificate, an object-oriented RBAC model based on it (AC-ORBAC) is proposed for multiple domains by using attribute certificate. The access control is more flexible, and also the separation of duty is discussed. Moreover, an implementation with PKI is given. |
| |
| Keywords: | object - oriented attribute certificate multi - domain separation of duty |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《科学技术与工程》浏览原始摘要信息 |
|
点击此处可从《科学技术与工程》下载全文 |
