摘要
访问控制是一门重要的的信息安全技术 ,网络的发展为它提供了更广阔的舞台 ,本文陈述了几种主流的访问控制技术 ,重点描述了基于角色的访问控制技术 ,阐述了广泛接受的 RBAC96模型、ARBAC97模型以及最近提出的NIST RBAC建议标准的思想、原理和实现方法 .
Access Control is an important information security technology, which has been provided in many application fields by networks rapid development. In this paper, several main technologies on access control are introduced, and the technology of role-based access control is described emphatically. Also, model RBAC96 and ARBAC97, which have been widely accepted, and the thinking, theory and implement methods of the newly proposed NIST RBAC standard are illustrated in detail.
出处
《小型微型计算机系统》
CSCD
北大核心
2004年第1期56-59,共4页
Journal of Chinese Computer Systems
基金
总装备部预研基金项目
关键词
自主访问控制
强制访问控制
基于角色的访问控制
角色等级
职责分离
discretionary access control
mandatory access control
role-based access control
role hierarchies
separation of duties
