| 105 | 9 | 86 |
| 下载次数 | 被引频次 | 阅读次数 |
基于网络的大规模软件应用系统面临着日益复杂的数据资源安全管理的难题,基于角色的访问控制方法(Role Based Access Control,简称RBAC),实现用户与访问权限的逻辑分离和构造角色之间的层次关系,从而方便了数据的安全管理。基于角色的访问控制的基础,对角色进行进一步划分,分为模块级角色和数据级角色。一个模块级角色包含至少一个或者多个数据级角色。以角色间包含关系取代RBAC中角色之间的继承关系,有效的防止了角色间继承带来的冗余隐患。
Abstract:Large-scale web based on software application systems face increasingly complex challenges of data resources security management, role-based access control (Role Based Access Control, called RABC) method achieves logical separation of user and access authority, and constructs relationships between structural roles, thus facilitating data security management. This thesis divide the role into module-level role and data-level role based on the model of the role-based access control (RBAC). Module-level roles maybe contain the least one or many data-level role. It replaces the contain relationship with the inherit relationship between roles, which effectively prevents the inheritance relationship from the redundancy danger.
[1].李晶,李晓林,朱思斯.基于RBAC模型的多级权限访问控制设计[J].软件导刊,2009,8(4):140-142.
[2].张世龙,沈玉利.计算机应用研究[J].2009,26(6).
[3].王瑞琴,陈玮.基于差异的多级角色授权模型研究及实现[J].上海理工大学学报,2008,30(5):470-474.
[4].石稀林,方勇,张野,李岳,孙立鹏.分布式环境下的一种基于角色的访问控制模型[J].四川大学学报(自然科学版),2007,44(2):303-306.
[5].陈啓泓,邹杜,艾飞,张凌.基于RBAC的限制约束在权限控制中的实现[J].微计算机信息,2009,25(7-3).
基本信息:
中图分类号:TP393.08
引用信息:
[1]梁泽梅,李蜀瑜.基于RBAC的两级访问控制模型[J].微型电脑应用,2011,27(03):54-57+6.
2011-03-20
2011-03-20