摘要
访问控制是保障信息系统安全的一种主要机制,通过限定主体对客体的访问权限,确保对信息资源访问的合法性,达到保证信息的机密性、完整性和可用性的目的。通常,这种机制主要通过静态的访问控制矩阵实现,不随信息系统处理的任务变换而调整。利用Petri网的基本原理,提出了一种适合于信息系统的访问控制模型,随着信息系统的状态变化动态授予访问控制权限,实现对信息系统资源安全的动态保护。
Access control is an important assurance mechanism for the security of information technology systems.It protects the validity access right for information asset by constraining subjects to access to objects in order to assure the confidentiality,integrity and availability of information.As usual the mechanism is realized by static access control matrix which doesn't represent the dynamic characteristic along with task changing.In this paper,a dynamic access control model is described based on the Petri Net rationale.The dynamic model authorizes user role the access control right according to the implementation of different tasks in the system to prevent inappropriate use of information.
出处
《计算机工程与应用》
CSCD
北大核心
2006年第9期4-5,15,共3页
Computer Engineering and Applications
基金
国家863高技术研究发展计划资助项目(编号:2002AA144030)
