摘要
访问控制是系统安全的重要技术。对常用的几种访问控制策略进行了比较,介绍了RBAC模型的基本概念及其特点、优势和不足;着重研究了一种对用户和角色混合授权的ERBAC模型,分析了ERBAC模型的优点;最后对ERBAC模型提出改良意见,建立了改良模型;并介绍其在某大型系统中的有效应用和实现。
Access control is an important technology in system security.The commonly used access control policies,describes the RBAC model's basic concepts and its features,advantages and disadvantages is compared.An extended role-based access control model is intensively studied,which integrated the authorization of users and roles,and analyzed the advantages of the ERBAC model.At last several improved suggestions are proposed to the ERBAC model,an improved model is built.and its effective application and implementation in a large-scale system are introduced.
出处
《科学技术与工程》
2007年第21期5558-5562,共5页
Science Technology and Engineering