摘要
结合RBAC模型,提出了一种基于分级角色的访问控制模型,将系统用户依据职能的不同分为不同的角色,同一类角色又划分不同的等级。定义了基本概念和等级-角色矩阵,进行了形式化的描述,并应用在实际系统中。每一个实际用户通过不同等级的角色,对应于不同访问权限的资源,并可动态地进行角色转换和等级变迁,从而使访问控制机制更为灵活。
Combining with RBAC model, a graded roles based access control model is put forward. System users are divided into different kinds of roles by their functions, and one kind of roles are divided into different grades. Basic concepts and the grade-role matrix are defined, the model is described formaly and applied to practical systems. Real users are corresponding to different access authorization sources through different graded roles, the role conversion and grade variance can be dynamically completed, so the access control mechanism becomes more flexible.
出处
《华东理工大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2006年第11期1327-1330,共4页
Journal of East China University of Science and Technology
