摘要
Abstract
Aiming at the shortcomings of the Role Based Access Control(RBAC)model in authorization management,in this paper,a RBAC optimization model supporting negative authorization is constructed,which is a multidimensional holistic optimization of the RBAC model.Firstly,a combination approach is adopted to optimize the user side and the authorization side of the RBAC model,respectively,which simplifies the process of assigning roles and authorizations.Secondly,the dynamic access control capability of the model is enhanced by incorporating the user attributes and their rule expressions into the RBAC model.Thirdly,the negative authorization strategy is introduced into the model,and the practice approach of negative authorization strategy is clarified,the flexibility and security of access control are improved.Finally,a role query method is proposed based on this optimization model to support role an authorization management.Meanwhile,a formal description of the optimization model is given,and its authorization and permission verification and permission acquisition processes are analyzed and elaborated in detail.关键词
角色/RBAC/否定授权/访问控制/优化/RBAC-OMSNAKey words
Role/RBAC/Negative authorization/Access control/Optimization/RBAC-OMSNA分类
计算机与自动化
