计算机应用研究
計算機應用研究
계산궤응용연구
APPLICATION RESEARCH OF COMPUTERS
2010年
4期
1496-1499,1502
,共5页
安全策略%角色%主动授权规则%带有空间特性角色约束
安全策略%角色%主動授權規則%帶有空間特性角色約束
안전책략%각색%주동수권규칙%대유공간특성각색약속
security policy%role%active authorization rules%role-based constraints with spatial characteristics
为满足安全策略或者角色定义的变化,系统或模型应该提供一种灵活的机制实施支持空间特性的RBAC.引入了OITE(on-if-then-else)主动授权规则实施支持空间特性的RBAC,定义了支持空间特性的RBAC中各基本元素与OITE之间的映射关系.使用OITE作为实施机制,可以在不同粒度上实施带有空间特性角色约束,并且可以将支持空间特性的RBAC应用在多个领域中.最后简要讨论了授权规则如何从支持空间特性的RBAC安全策略中自动产生.
為滿足安全策略或者角色定義的變化,繫統或模型應該提供一種靈活的機製實施支持空間特性的RBAC.引入瞭OITE(on-if-then-else)主動授權規則實施支持空間特性的RBAC,定義瞭支持空間特性的RBAC中各基本元素與OITE之間的映射關繫.使用OITE作為實施機製,可以在不同粒度上實施帶有空間特性角色約束,併且可以將支持空間特性的RBAC應用在多箇領域中.最後簡要討論瞭授權規則如何從支持空間特性的RBAC安全策略中自動產生.
위만족안전책략혹자각색정의적변화,계통혹모형응해제공일충령활적궤제실시지지공간특성적RBAC.인입료OITE(on-if-then-else)주동수권규칙실시지지공간특성적RBAC,정의료지지공간특성적RBAC중각기본원소여OITE지간적영사관계.사용OITE작위실시궤제,가이재불동립도상실시대유공간특성각색약속,병차가이장지지공간특성적RBAC응용재다개영역중.최후간요토론료수권규칙여하종지지공간특성적RBAC안전책략중자동산생.
To meet security policy or role structure changes, systems or models should provide a flexible mechanism for enforcing role-based access control (RBAC) with spatial characteristics in a seamless way. This paper used on-when-then-else authorization rules for enforcing RBAC with spatial characteristics. And showed the mapping between the basic elements in RBAC with spatial characteristics and the OWTE rule specification. Established OWTE rules as an enforcement mechanism, which could realize role-based constraints with spatial characteristics at different granularities and make RBAC with spatial characteristics usable in diverse domains. Finally discussed briefly how these authorization rules could be automatically generated from security policies using RBAC with spatial characteristics.
