摘要
利用有限状态机、RABC模型的用户被授予角色,角色被授予权限,权限关联操作,用户通过被授予的角色得到该角色的相应权限,来完成某些操作的基本原理和BLP模型不读上、不写下基本原理,对C/S模式下的信息系统给出了一种形式化描述,该描述在操作平台安全的情况下是安全的.
It was described about an information system of C/S ( Client / Server) Mode, with finite-state machine by the ideals of the RABC model by which the principle is that the users are awarded with roles and the roles are awarded with purviews, and that the users get hold of the purviews by their roles.With the principle of BLP model , that can’t read up and can’t write down . The description is secure when the system desk is secure.
出处
《西华师范大学学报(自然科学版)》
2005年第2期170-174,共5页
Journal of China West Normal University(Natural Sciences)
基金
国家973资助项目(1999035801)
四川省教育厅自然科学重点项目(2003A161)
