摘要
提出了一种改进的RBAC模型,该模型通过引入安全员、审计员、主客体安全等级、角色容量等概念,对传统RBAC模型进行了扩展,克服了传统RBAC中判断程序的权限仅仅根据启动程序的角色的不足,提高了模型的安全性。最后通过一个应用实例验证了新模型的有效性。
An improved RBAC (role-based access control) model is represented. To get over the shortcoming of traditional RBAC model, which the authority of judge program is only based on the role of startup program, the improved model imports some concepts, such as guarder, auditor, the security level of main and subsidiary body, capability of roles and so on, then the security of traditional RBAC model is strengthened. Lastly, the validity of improved model is proved by an application instance.
出处
《计算机工程与设计》
CSCD
北大核心
2008年第18期4718-4721,共4页
Computer Engineering and Design
基金
国家自然科学基金项目(60563002)