北京邮电大学学报

  • EI核心期刊

北京邮电大学学报 ›› 2008, Vol. 31 ›› Issue (3): 123-127.doi: 10.13190/jbupt.200803.123.291

• 研究报告 • 上一篇    下一篇

RBAC模型中静态约束机制的扩展

张红旗, 周 靖, 张 斌   

  1. 解放军信息工程大学 电子技术学院, 郑州 430010
  • 收稿日期:2006-11-01 修回日期:1900-01-01 出版日期:2008-06-28 发布日期:2008-06-28
  • 通讯作者: 张红旗

The Research of Extension of Static Constraints Mechanism
in RBAC Model

ZHANG Hong-qi, ZHOU Jing, ZHANG Bin   

  1. Institute of Electronic Technology,Information Engineering University,Zhengzhou 450004,China
  • Received:2006-11-01 Revised:1900-01-01 Online:2008-06-28 Published:2008-06-28
  • Contact: ZHANG Hong-qi

摘要:

基于角色的访问控制引入了角色的概念,方便了权限的分配与管理,是一种安全、高效的访问控制机制,并形成了标准. 介绍了RBAC模型标准,对RBAC中的静态约束机制进行了扩展,增加了静态势约束及静态权限约束,阐述了其作用,给出了形式化定义,并扩展了标准中的系统及管理功能规范以对新的约束提供支持. 约束机制的扩展能强化RBAC的授权管理,提高RBAC系统的实用性、可靠性.

关键词: 基于角色的访问控制, 角色, 约束, 权限

Abstract:

Role-based access control (RBAC) introduced the concept of role to improve the assignment and management of privilege. RBAC is a secure, effective method of access control. The constraints model is an important one of the standard models of international committee for information technology standard (INCITS). After introducing the standard models of RBAC, the mechanism of static constraints is extended by introducing the static cardinality constraints and static privilege constraints. These constraints are formalized defined, and the system and administrative functional specification are extended to support the new constraints. The extended constraints will enhance the management of authority and the practicability, reliability of RBAC system.

Key words: role-based access control, role, constraints;privilege

中图分类号: