Abstract
Role-Based Access Control (RBAC) is an important information security model. To describe how information flows under RBAC, a new role-based secure information flow model is given. The concept of an object is extended and the basic principles of RBAC are applied: the security class of information is determined by the set of roles an object holds, and the information flow policy is defined by the inclusion relation between the role sets of two objects. A strict mathematical proof shows that the new information flow model satisfies the finite lattice and least upper bound operator properties of reference [3], and that it is reasonable and secure. Finally, a simple application of the model is given.
Source
Journal of Sichuan University (Engineering Science Edition)
EI
CAS
CSCD
2004, Issue 5, pp. 94-97 (4 pages)
Funding
National 973 Program (1999035801)
Sichuan Provincial Department of Education Key Natural Science Project (2003A161)
Keywords
RBAC model
secure information flow model
lattice