摘要
在传统的访问控制模型和策略中虽有可变的特性,但属性的可变性是一个全新的概念。作为对传统访问控制的扩展,论述了使用控制模型,分析了其核心组成及特性。运用使用控制的观点,讨论了使用控制的可变性,定义了临时属性和永久属性两个可变属性。可变性是对相关主体和对象访问结果的属性更新处理,发生在授权和认证模型中,是通过在定义模型中加入更新过程实现的,使得基于历史的访问决策更容易实施。在属性可变性的基础上,进一步讨论了可变性的几种变化形式。
Mutability is a new concept,although its features can be control has been surveyed to extend traditional access control,its found in traditional access control models and policies.Usage composition and property have been analyzed.Mutability has been discussed in usage control's point of view,and temporary and persistent attribute have been identified.Mutability has been embodied by attribute updates,which occures on both authorizations and obligations models,and which has been realized by adding update procedures within the model definition,and which makes history-based access decision to be executed easily.Several attribute mutability variations of mutability have been discussed.
出处
《计算机工程与应用》
CSCD
北大核心
2007年第25期66-68,79,共4页
Computer Engineering and Applications
基金
国家自然科学基金(the National Natural Science Foundation of China under Grant No.60503016)
东北电力大学博士科研启动基金项目(No.BSJXM- 200502) 。
关键词
传统访问控制
使用控制
可变性
可变性变化形式
traditional access control
usage control
mutability
mutability variation