摘要
针对基于Web的图书馆管理系统资源访问控制的动态性问题,提出了一种基于角色的访问控制策略描述方案.通过对基于Web的图书馆管理系统访问控制管理影响因素和访问控制需求的分析,结合NIST基于角色的访问控制统一模型标准,构造了一种基于角色的访问控制元模型.并在这一元模型的基础上,提出了一种紧凑的基于角色的访问控制XML策略描述语言框架.结果表明该访问控制策略描述语言框架适合表述动态环境下对图书馆资源的访问策略,提高了基于Web的图书馆管理系统资源访问的安全性.
This paper proposes a specification of Role Based Access Control policies to solve the dynamic access control for the Web based library management system. According to the NIST unified Role Based Control model standards, a Role Based Access Control meta-model is constructed based on the analysis of the affecting factors of the access control management and the access control requirements for the Web based library management system. Based on this meta-model, a compact Role Based Access Control XML policy specification language framework is proposed. The results show that this policy specification language framework can represent the access policies for library materials in dynamic environment, and improve the security to access the materials in the Web based library management system.
出处
《武汉大学学报(理学版)》
CAS
CSCD
北大核心
2006年第5期644-648,共5页
Journal of Wuhan University:Natural Science Edition
基金
教育部博士点基金资助项目(20030533011)