摘要
两个或多个管理域间的安全互操作是一个重要的研究课题·Kapadia等人提出的IRBAC2000模型通过动态角色转换灵活地实现了域间安全互操作·在IRBAC2000模型中每个管理域均采用RBAC模型,职责分离是RBAC模型支持的最基本的3个安全原则之一,并可用一组静态互斥角色约束来表示·而IRBAC2000模型没有考虑职责分离·因此,对动态角色转换违背静态互斥角色约束的各种情形进行了详细分析,并抽象出各种情形的本质特征;对动态角色转换是否会违背静态互斥角色约束提供了一种判定方法并给出了相应的算法;提出了使用先决条件来加强IRBAC2000模型安全性的保护机制·
Secure interaction and interoperability between two or more administrative domains is d major concern. Kapadia et al. proposed the IRBAC 2000 model, which can be used to accomplish flexibly dynamic inter-domain role translations. However, in the IRBAC 2000 model, separation of duties is not considered, which is one of three basic security principles supported by the RBAC model, and enforced by statically mutually exclusive role constraints. Therefore, in this paper, the scenarios where dynamic role translations violate statically mutually exclusive role constraints are analyzed in detail, an approach to check the security problem is provided, and a protective mechanism utilizing prerequisite conditions to enforce the security of the IRBAC 2000 model is proposed.
出处
《计算机研究与发展》
EI
CSCD
北大核心
2006年第6期1065-1070,共6页
Journal of Computer Research and Development
基金
国家自然科学基金项目(60403027)~~
