摘要
操作系统作为信息系统的基础,其安全性不容忽视。访问控制是维护和保证系统安全的重要方式,而基于角色访问控制(RBAC)是访问控制领域新兴的热点。以Sun公司的开源操作系统Solaris为例,分析了RBAC模型的结构和工作原理,同时,对Solaris下角色访问控制的具体实现进行了研究,提出了一种针对超级用户权限的控制方法,更好地实现了最小特权原则。
As the basis of the information system, operating system is very important, so its security can't be omitted. Access control, is one important way to maintain and guarantee the system security, and role-base access control model becomes the new hotspot in the field of access control. Solaris is taken, the open-source system of SUN Company, as example, analyzes the structure, working principle and realization of role-base access control model. A research on the implementation of RBAC is made, and a new method for control the root user to realize the principle of least privilege better is given.
出处
《计算机工程与设计》
CSCD
北大核心
2008年第8期1952-1954,共3页
Computer Engineering and Design
基金
上海市教育委员会科研基金项目(04EB12)
关键词
角色
权限
访问控制
多级安全
最小特权原则
职责分离
role
privilege
access control
multi-level security
principle ofleastprivilege
separation of duties
