一种新的访问控制模型——TBPM-RBAC

被引:6
作者
王瑜
卿斯汉
机构
[1] 中国科学院软件研究所信息安全技术工程研究中心
关键词
角色; RBAC; 访问控制; 任务;
D O I
暂无
中图分类号
TP393.07 [];
学科分类号
摘要
基于角色的访问控制RBAC(roe-based access control)能够降低访问控制管理工作的复杂性,但是要在RBAC中高效合理地为角色配置权限仍然具有一定的难度,而且RBAC不适合处理存在依赖和时序关系的访问控制。本文通过在RBAC中引入任务机制解决以上两点困难,即权限被授予任务,任务被授予角色,角色只能使用它正在执行的任务所允许的权限。提出了TBPM-RBAC(task-based permissions management in RBAC)模型,给出了模型的定义,对模型进行了分析并给出了模型的两个应用示例。
引用
收藏
页码:169 / 172
页数:4
相关论文
共 7 条
[1]  
Proposed NIST Standard for Role-Based Access Control. Ferraiolo D F,et al. ACM Transactions on Information and System Security . 2001
[2]  
Conceptual Foundations for a Model of Task-based Authorizations. Thomas R K,Sandhu R S. Proc. of the 7th IEEE Computer Security Foundations Workshop . 1994
[3]  
Role-Based Access Control Models. Sandhu R S,Coyne E J,Feinstein H L,Youman C E. IEEE Computer . 1996
[4]  
Access Control: Principles and Practice. Sandhu R S,Samarati P. IEEE Communications Letters . 1994
[5]  
Role and Task-Based Access Control in the PerDiS Groupware Platform. Coulouris G,Dollimore J,Roberts M. Proc. of the Third ACM Workshop on Role-Based Access Control . 1998
[6]  
Task-based Authorization Controls(TBAC):A Family of Models for Active and Enterprise-oriented Authorization Management. Thomas R K,Sandhu R S. Proc. of the IFIP WG11. 3 Workshop on Database Security. Lake Tahoe . 1998
[7]  
Extending Access Control with Duties-Realized by Active Mechanisms. Jonscher D. Database Security, VI: Status and Prospects . 1993