摘要
在分析和总结主体对象访问模型和CSCWD(计算机支持协同设计)访问控制需求的基础上,提出一种新的访问控制模型———基于任务角色的粗粒度混合访问控制模型,解决了在主体 对象访问模型中无法根据应用逻辑相关性实施对访问对象的动态保护。提出了一个一般性的任务角色概念,它不同于传统的角色和任务。模型中利用任务角色把用户、角色和任务关联起来,成为对系统进行控制的主要手段,体现了CSCWD的面向任务的本质特征。利用赋色Petri网技术,建立了混合型访问控制模型,并对各部分的运行机制进行了分析。结果表明,该模型能够有效地描述访问过程中的动态行为,利于系统的分析验证。
On the basis of analyzing and summarizing subject-object access control models and requirements of the access control in CSCWD, a new access control model in CSCWD systems-based on role-in-task, named coarse-grained hybrid access control model (HAC), was proposed to solve the problem that the subject-object access control model can't implement dynamic protection based on pertinence of application logic for accessible object. As a main means for system control, role-in-task concept can associate task, role and user to gether. The coarse-grained model of HAC was established by colored Petri net, and the mechanism for running the HAC model was analyzed simultaneously. The Results show that the model of HAC based on CPN can describe the dynamic behavior of the access control process effectively.
出处
《长安大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2004年第6期88-93,共6页
Journal of Chang’an University(Natural Science Edition)
基金
国家自然科学基金项目(69773004)
长安大学科技发展基金项目(0305 1001)