计算机工程2012,Vol.38Issue(16):138-141,4.DOI:10.3969/j.issn.1000-3428.2012.16.035
一种基于T-RBAC的访问控制改进模型
Improved Access Control Model Based on T-RBAC
摘要
Abstract
Because of the shortcoming of permission control and separation of duties in T-RBAC, an improved model is proposed. New model simplifies the task classification of T-RBAC, adds context and state property to task, and builds a close relationship between permissions granting and the task context and state property, which enhances the dynamic management of permissions. It also solves the problem of mutually exclusive rights possessed by one role while inherited in roles hierarchy using private roles, and ensures the dynamic separation of duties by checking the history of task performance. New model provides a better permissions management, and better meets the separation of duties and least privilege principles.关键词
任务上下文/任务状态/权限动态管理/职责分离/互斥权限共享Key words
task context/ task state/ dynamic management of permission/ separation of duties/ mutually rights sharing分类
信息技术与安全科学引用本文复制引用
冯俊,王箭..一种基于T-RBAC的访问控制改进模型[J].计算机工程,2012,38(16):138-141,4.基金项目
国家“863”计划基金资助项目(2009AA044601) (2009AA044601)
