期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

访问控制模型研究综述 被引量:87

Survey of Research on Access Control Model
下载PDF
导出
摘要 访问控制是一种重要的信息安全技术。为了提高效益和增强竞争力,许多现代企业采用了此技术来保障其信息管理系统的安全。对传统的访问控制模型、基于角色的访问控制模型、基于任务和工作流的访问控制模型、基于任务和角色的访问控制模型等几种主流模型进行了比较详尽地论述和比较,并简介了有望成为下一代访问控制模型的UCON模型。 Access control is an important information security technology. To enhance benefits and increase competitive power, many modern enterprises have used this technology to secure their information manage systems. In this paper, several main access control models, such as traditional access control models, role-based access control models, task-based access control models, task-role-based access control models, and so on, are discussed and compared in detail. In addition, we introduce a new model called UCON, which may be a promising model for the next generation of access control.
作者 沈海波 洪帆
机构地区 华中科技大学计算机学院
出处 《计算机应用研究》 CSCD 北大核心 2005年第6期9-11,共3页 Application Research of Computers
关键词 角色 任务 访问控制 工作流 Role Task Access Control Workflow
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献11

  • 1邓集波,洪帆.基于任务的访问控制模型[J].软件学报,2003,14(1):76-82. 被引量:222
  • 2徐锋,吕建.Web安全中的信任管理研究与进展[J].软件学报,2002,13(11):2057-2064. 被引量:113
  • 3L Snyder. Formal Models of Capability-based Protection Systems[ J].IEEE Transactions on Computers, 1981,30(3 ) :172-181.
  • 4R Sandhu, E Coyne, H Feinstein. Role-based Access Control Models[ J]. IEEE Computer, 1996,29 (6) :38-47.
  • 5D Ferraiolo, R Sandhu,et al. Proposed NIST Standard for Role-based Access Control [ J ]. ACM Transactions on Information and System Security(TISSEC) ,2001,4(3) :224-274.
  • 6R Thomas, R Sandhu. Task-Based Authorization Controls(TBAC) : A Family of Models for Active and Enterprise-Oriented Authorization Management[ C]. Lake Tahoe, CA: Proceedings of the 11th IFIP WG11.3 Conference on Database Security, 1997.
  • 7Gail-Joon Ahn, Myong Kang,et al. Injecting RBAC to Secure a Webbased Workflow System[ C]. ACM RBAC, 2000.
  • 8Sejong Oh, Seog Park. Task-role-based Access Control Model[ J ]. Information System, 2003, 28 : 533-562.
  • 9J Park, R Sandhu. Towards Usage Control Models: Beyond Traditional Access Control[ C]. Proceedings of the 7th ACM Symposium on Access Control Models and Technologies,2002.
  • 10R Sandhu, J Park. Usage Control : A Vision for Next Generation Access Control, MMM-ACNS [ EB/OL]. http://www. list. gmu. edu/conference_papers, htm, 2003.

二级参考文献21

  • 1Blaze, M., Feigenbaum, J., Ioannidis, J., et al. The role of trust management in distributed systems security. In: Secure Internet Programming: Issues for Mobile and Distributed Objects. Berlin: Springer-Verlag, 1999. 185~210.
  • 2Khare, R., Rifkin, A. Trust management on World Wide Web. World Wide Web Journal, 1997,2(3):77~112.
  • 3Blaze, M., Feigenbaum, J., Lacy, J. Decentralized trust management. In: Dale, J., Dinolt, G., eds. Proceedings of the 17th Symposium on Security and Privacy. Oakland, CA: IEEE Computer Society Press, 1996. 164~173.
  • 4Abdul-Rahman, A., Hailes, S. A distributed trust model. In: Proceedings of the 1997 New Security Paradigms Workshop. Cumbria, UK: ACM Press, 1998. 48~60. http://www.ib.hu-berlin.de/~kuhlen/VERT01/abdul-rahman-trust-model1997.pdf.
  • 5Abdul-Rahman, A., Hailes, S. Using recommendations for managing trust in distributed systems. In: Proceedings of the IEEE Malaysia International Conference on Communication'97 (MICC'97). Kuala Lumpur: IEEE Press, 1997. http://citeseer.nj.nec.com/ 360414.html.
  • 6Yahalom, R., Klein, B., Beth, T. Trust relationships in secure systems--a distributed authentication perspective. In: Proceedings of the 1993 IEEE Symposium on Research in Security and Privacy. IEEE Press, 1993. 50~164. http://isbn.nu/0818633700.
  • 7Beth, T., Borcherding, M., Klein, B. Valuation of trust in open network. In: Gollmann, D., ed. Proceedings of the European Symposium on Research in Security (ESORICS). Brighton: Springer-Verlag, 1994. 3~18.
  • 8Blaze, M., Feigenbaum, J., Keromytis, A.D. Keynote: trust management for public-key infrastructures. In: Christianson, B., Crispo, B., William, S., et al., eds. Cambridge 1998 Security Protocols International Workshop. Berlin: Springer-Verglag, 1999. 59~63.
  • 9Chu, Y.-H., Feigenbaum, J., LaMacchia, B., et al. REFEREE: trust management for Web applications. World Wide Web Journal, 1997,2(2):127~139.
  • 10Povey, D. Developing electronic trust policies using a risk management model. In: Proceedings of the 1999 CQRE Congress. 1999. 1~16. http://security.dstc.edu.au/staff/povey/papers/CQRE/123.pdf.

共引文献331

同被引文献499

引证文献87

二级引证文献275

计算机应用研究
2005年 第6期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部