期刊文献+

基于角色的权限访问控制在CMS中的研究与应用 被引量:4

The Research and Application of Role-based Access Control in CMS
下载PDF
导出
摘要 针对CMS(内容管理系统)的特点,在基于角色的权限访问控制的基础上,分析CMS中的访问主体与客体,涉及到的访问权限以及约束属性,提出一个带有附加主体、客体约束属性和约束机制的权限访问控制算法。该算法通过适用用户范围、信息状态、用户信用、用户级别四个方面对访问进行约束,使拥有同一角色的不同用户对信息资源的访问表现出各自不同的访问控制特征,从而,减少角色的数量,提高CMS中权限分配和访问控制的灵活性与安全性。 This Paper, According to the characteristic of CMS (Content Manage System), on the basis of Role - Based Access Control Models, analyses the access subject and object, permission and Constraints attribute involved in CMS, presents a permission access control algorithm which has additional subject and object constraints attribute and constraints mechanism. The algorithm restrains access by user range, information status, user credit and user class, makes the access of the different users having the same role show the different access control teatures, which reduces the quantity of roles and improves the flexibility and security of permission assignment and access cotrol in CMS.
作者 朱勇 陆亚东
出处 《计算技术与自动化》 2008年第1期100-103,共4页 Computing Technology and Automation
关键词 基于角色的权限访问控制 约束属性 约束机制 CMS Role - based access control model constraints attribute constraints mechanism CMS
  • 相关文献

参考文献10

二级参考文献44

  • 1梁彬,孙玉芳,石文昌,孙波.一种改进的以基于角色的访问控制实施BLP模型及其变种的方法[J].计算机学报,2004,27(5):636-644. 被引量:30
  • 2刘益和.B/S模式信息安全系统的一种形式化描述[J].计算机科学,2004,31(B09):217-219. 被引量:2
  • 3李军,孙玉方.计算机安全和安全模型[J].计算机研究与发展,1996,33(4):312-320. 被引量:28
  • 4林东.网络信息安全&PGP加密[M].北京:清华大学出版社,1998..
  • 5Sandhu R S, Samarati P. Access control:principle and practice [J]. Communications Magazine, IEEE, 1994,32(9):40~48.
  • 6Sandhu R S, Coyne E J, Feinstein H L, et al . Role-based access control models [J].IEEE Computer, 1996, 29(2):38~47.
  • 7Osborn S, Sandhu R, Munawer Q. Configuring role-based access control to enforce mandatory and discretionary access control policies[J]. ACM Transactions on Information and System Security, 2000, 3(2):85~106.
  • 8Steinmuller B, Safarik J. Extending role-based access control model with states [A]. Proc. of the International Conference on Trends in Communications[C]. Bratislava:INSPEC, 2001, 2:398~399.
  • 9Gavrila S, Barkley J. Formal specification for role based access control user/Role and role/role relationship management[A]. Proc. of the Third ACM Workshop on Role-Based Access Control [C]. Virginia:ACM Press, 1998.81~90.
  • 10Ferraiolo D F, Cugini J, Kuhn D R. Role based access control:features and motivations[A]. Proc. of 11th Annual Conference on Computer Security Applications[C]. Los Alamitos:IEEE Computer Society Press, 1995. 241~248.

共引文献141

同被引文献25

引证文献4

二级引证文献6

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部