摘要
针对传统的RBAC模型所存在的问题,引入用户组进行了改进:除了RBAC模型的角色授权外,增加了用户组对数据资源进行授权,使用户所拥有的权限变成用户所属角色的功能权限和用户所属部门的资源权限之和。改进后的混合授权的扩展模型(E-RBAC)不仅有效解决了角色定义、用户职责、功能和资源等动态变化对系统所带来的问题,更增强了对用户授权的灵活性和可维护性,并且在实际项目中得到了应用。
During further anglicizing RBAC,this paper pointed out its shortcoming.This paper proposed an improved model named E-RBAC.One way to grant user privilege was using role based on RBAC,another way was using user group that introduced above.The improved mix granting method solved the mentioned problem and was very convenient,as well as made the system s authority limitation management easier.Meanwhile,it improved the safety of system.It had been used in some projects successfully.
出处
《计算机应用研究》
CSCD
北大核心
2009年第3期1098-1100,共3页
Application Research of Computers
基金
国家科技支撑项目(2006BAJ09B0601)
