计算机工程
計算機工程
계산궤공정
COMPUTER ENGINEERING
2010年
1期
136-138
,共3页
钟卫%舒坚%杨丰玉%刘琳岚
鐘衛%舒堅%楊豐玉%劉琳嵐
종위%서견%양봉옥%류림람
转授权模型%授权步数%角色差度
轉授權模型%授權步數%角色差度
전수권모형%수권보수%각색차도
delegation model%delegation depth%role range
转授权技术能解决分布式环境下的用户授权问题,但在多步转授过程中可能引发循环授权和权限扩散.研究任务一角色访问控制(TRBAC)模型,提出基于授权步数和角色差度的工作流转授权(DR-TRBAC)模型,根据同一任务的转授关系构建转授权树,通过限定授权步数和遍历转授权树解决循环授权问题,设置转授用户间最大角色差度防止权限的扩散.应用实例证明了DR-TRBAC模型的实用性.
轉授權技術能解決分佈式環境下的用戶授權問題,但在多步轉授過程中可能引髮循環授權和權限擴散.研究任務一角色訪問控製(TRBAC)模型,提齣基于授權步數和角色差度的工作流轉授權(DR-TRBAC)模型,根據同一任務的轉授關繫構建轉授權樹,通過限定授權步數和遍歷轉授權樹解決循環授權問題,設置轉授用戶間最大角色差度防止權限的擴散.應用實例證明瞭DR-TRBAC模型的實用性.
전수권기술능해결분포식배경하적용호수권문제,단재다보전수과정중가능인발순배수권화권한확산.연구임무일각색방문공제(TRBAC)모형,제출기우수권보수화각색차도적공작류전수권(DR-TRBAC)모형,근거동일임무적전수관계구건전수권수,통과한정수권보수화편력전수권수해결순배수권문제,설치전수용호간최대각색차도방지권한적확산.응용실예증명료DR-TRBAC모형적실용성.
The delegation technology can solve the authorization problem of users in distributed environment, which makes the permission management flexible. However, it is possible to cause the issues of cycle authorization and permission diffusion in the process of multi-step delegation. On the basis of T-RBAC, the paper proposes a DR-TRBAC model based on delegation depth and role range. It creates delegation tree according to delegation relationship of one task. The cycle authorization problem is solved by limiting delegation depth. The permission diffusion is controlled by setting the maximum of role range between users. The feasibility of DR-TRBAC is proved through an application.