期刊文献+

协同设计系统中一种新的访问控制模型 被引量:1

Modeling and analyzing access control in CSCWD system
下载PDF
导出
摘要 在分析和总结主体对象访问模型和CSCWD(计算机支持协同设计)访问控制需求的基础上,提出一种新的访问控制模型———基于任务角色的粗粒度混合访问控制模型,解决了在主体 对象访问模型中无法根据应用逻辑相关性实施对访问对象的动态保护。提出了一个一般性的任务角色概念,它不同于传统的角色和任务。模型中利用任务角色把用户、角色和任务关联起来,成为对系统进行控制的主要手段,体现了CSCWD的面向任务的本质特征。利用赋色Petri网技术,建立了混合型访问控制模型,并对各部分的运行机制进行了分析。结果表明,该模型能够有效地描述访问过程中的动态行为,利于系统的分析验证。 On the basis of analyzing and summarizing subject-object access control models and requirements of the access control in CSCWD, a new access control model in CSCWD systems-based on role-in-task, named coarse-grained hybrid access control model (HAC), was proposed to solve the problem that the subject-object access control model can't implement dynamic protection based on pertinence of application logic for accessible object. As a main means for system control, role-in-task concept can associate task, role and user to gether. The coarse-grained model of HAC was established by colored Petri net, and the mechanism for running the HAC model was analyzed simultaneously. The Results show that the model of HAC based on CPN can describe the dynamic behavior of the access control process effectively.
出处 《长安大学学报(自然科学版)》 EI CAS CSCD 北大核心 2004年第6期88-93,共6页 Journal of Chang’an University(Natural Science Edition)
基金 国家自然科学基金项目(69773004) 长安大学科技发展基金项目(0305 1001)
关键词 计算机科学 访问控制 面向任务 任务角色 赋色PETRI网 computer science access control task-oriented task-role colored Petri net
  • 相关文献

参考文献11

  • 1Ellis C A, Gibbs S J, Rein G L. Groupware: some issues and experiences[J]. Communications of the ACM, 1991, 34(1):39-58.
  • 2Jonathan G. Computer-supported cooperative work: history and focus[J]. IEEE Computer, 1994, (5): 19-26.
  • 3Bullock A, Benford S. An access control framework for multi-user collaborative environments[A]. Proc.International ACM SIGGROUP Conference on Supporting Group Work[C]. Arizona: 1999. 140- 149.
  • 4Gollmann D. Computer security[M]. New Jersey:John Wiley and Sons, 1999.
  • 5David F F, Ravi S. Proposed NIST standard for rolebased access control[J]. ACM Transactions on Information and System Security, 2001,4(3) :224-274.
  • 6Shen Hong-hai, Dewan P. Access control for collaborative environments[A]. Turner J, Kraut R. Proceedings of the ACM CSCW' 92 Conference on Computer Supported Cooperative Work[C]. New York:ACM Press,1994. 51-58.
  • 7Dewan P, Shen Hong-hai. Flexible meta access-control for collaborative application [A]. Proc. ACM 1998 Conference on Computer Supported Cooperative Work[C]. 1998. 247-256.
  • 8Thomas R K, Sandhu R S. Task-based authorization controls (TBAC): A family of models for active and enterprise-oriented authorization management[A]. In Proceedings of the IFIP WG11.3 Workshop on Database Security[C]. 1997.
  • 9Konstantin K. Dynamic access control through Petri net workflows[A]. 16th Annual Computer Security Applications Conference[C]. New Orleans, Louisiana: 2000. 11-15.
  • 10Jensen K. Coloured Petri nets, basic concepts, analysis methods and practical use (Volume 1)[M]. Berlin, Heidelberg, New York: Springer-Verlag(2nd Corrected Printing), 1997.

同被引文献17

  • 1徐洪学,刘永贤,郭秀英,盛忠起.一种CSCD系统的角色委托授权模型[J].东北大学学报(自然科学版),2006,27(5):548-551. 被引量:1
  • 2ANDERSON J P. Computer security technology planning study[EB/OL]. [2010-12-03]. http://csrc, nist. gov/publications/history/ande 72. pdf.
  • 3GOLLMANN D. Computer security[M]. New York, N. Y. , USA:John Wiley and Sons, 1999.
  • 4CONWAY R, MAXWELL W, MORGAN H. On the implementation of security measures in information systems[J]. Communications of the ACM, 1972,15(4):211-220.
  • 5DENNING D E. A lattice model of secure information flow [J]. Communications of the ACM, 1976,19(5): 236-243.
  • 6FERRAIOLO D F, KUHN D R. Role-based access controls [C]//Proceedings of the 15th National Computer Security Conference. Baltimore, Md., USA: The Institute, 1992: 554-563.
  • 7SANDHU R, COYNE E, FEINSTEIN H. Role-based access control models[J]. IEEE Computer, 1996,29(2): 38-47.
  • 8SANDHU R S, BHAMIDIPATI V, COYNE E, et al. The ARBAC97 model for role-based administration of roles:preliminary description and outline[C]//Proceedings of the 2nd ACM Workshop on Role-Based Access Control. New York, N. Y. , USA. ACM Press, 1997 : 41-50.
  • 9BERTINO E, BONATTI P A, FERRARI E. TRBAC:a temporal role-based access control model[J]. ACM Transactions on Information and System Security, 2001,4 (3) : 191-223.
  • 10THOMAS R K, SANDHU R S. Task-based authentication controls(TBAC) :a family of models for active and enterprise- oriented authentication management[EB/OL]. [2010-12-03] http://profsandhu, com/confrnc/ifip/197tbac, pdf.

引证文献1

二级引证文献4

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部