摘要
GEO-RBAC是一种能够处理空间信息的访问控制策略,其角色按照粒度分为角色模式和角色实例,按照维数分为空间角色和非空间角色。基于实例的角色分配与传统RBAC策略类似。使用着色Petri网对GEO-RBAC中基于模式的角色分配进行建模,并给出了可达性分析方法,通过对角色分配事件图可达状态的分析实现了GEO-RBAC策略的一致性验证。
GEO-RBAC policy can deal with spatial information. Roles in GEO-RBAC can be classified into role schemas and role instances according to granularity, or spatial roles and non-spatial roles according to dimension, The role assignment in instance level is similar to that in the traditional RBAC, Using colored Petri net we provide a CPN model for the role assignment in schema level and give the method to analyze the state reachability, at last, complete the consistency verification of the GEO-RBAC policy through analyzing the reachability of the corresponding occurrence graph.
出处
《系统仿真学报》
CAS
CSCD
北大核心
2007年第A01期118-123,共6页
Journal of System Simulation