摘要
在NISTRBAC模型的基础上扩展了域和客体类的概念,提出DE_RBAC模型,使其更适合在大型分层管理的系统中应用,减少了角色的定义和权限的分配。在此基础上提出一种新的管理模型,通过层层授权、分布式管理的方式建立分层的RBAC管理框架,并在系统运行中进行动态角色和权限管理。
A new role-based access control model,DE_RBAC is proposed,which extends the concept of domain and object class based on NIST RBAC model.The new model reduces roles defining and rights assignation,and it is more suitable to be used in large-scale and hierarchical system.A new administration model based on DE_RBAC is proposed too.In this model,the management frame is constructed by hierarchical authorization and distributed management.This model also supports dynamic management of roles and rights.
出处
《计算机工程与应用》
CSCD
北大核心
2005年第6期60-64,共5页
Computer Engineering and Applications