计算机工程与应用
計算機工程與應用
계산궤공정여응용
COMPUTER ENGINEERING AND APPLICATIONS
2014年
19期
66-69,88
,共5页
基于角色的访问控制(RBAC)%属性表达式%Web本体语言(OWL)%推理
基于角色的訪問控製(RBAC)%屬性錶達式%Web本體語言(OWL)%推理
기우각색적방문공제(RBAC)%속성표체식%Web본체어언(OWL)%추리
Role Based Access Control(RBAC)%attribute expression%Web Ontology Language(OWL)%reasoning
将属性作为授权约束,给出了属性扩展的RBAC模型。提出了一种基于OWL的属性RBAC策略定义和表示方法。该方法支持复杂属性表达式、属性值偏序关系、角色层次关系和约束的定义;在推理机的支持下,可以执行访问控制决策推理,属性表达式支配关系判定和策略知识一致性检测。具体应用案例说明了该方法的可行性。
將屬性作為授權約束,給齣瞭屬性擴展的RBAC模型。提齣瞭一種基于OWL的屬性RBAC策略定義和錶示方法。該方法支持複雜屬性錶達式、屬性值偏序關繫、角色層次關繫和約束的定義;在推理機的支持下,可以執行訪問控製決策推理,屬性錶達式支配關繫判定和策略知識一緻性檢測。具體應用案例說明瞭該方法的可行性。
장속성작위수권약속,급출료속성확전적RBAC모형。제출료일충기우OWL적속성RBAC책략정의화표시방법。해방법지지복잡속성표체식、속성치편서관계、각색층차관계화약속적정의;재추리궤적지지하,가이집행방문공제결책추리,속성표체식지배관계판정화책략지식일치성검측。구체응용안례설명료해방법적가행성。
Treating attribute as authorization constraints, an extended model of RBAC with attributes is proposed. An OWL-based policy representation method of attributive-based RBAC model is presented, in which complex attribute expressions, partial ordering relations between attribute values, role hierarchies, and constraints can be explicitly defined. Access control decisions, dominance relations between attribute expressions, and consistency of policy information can be drawn via an OWL reasoner. A study case is presented to show the feasibility of the method.