摘要
传统的访问控制模型通常只考虑正常情况,对于紧急情况则无能为力。例如某些用户在紧急情况下应该能够越过常规的访问控制系统,获取以前没有权限访问的敏感数据。本文引入了基于门限的协作访问控制模型(T-CAC),该模型在RBAC基础上给权限添加了门限属性。门限值决定了用户提交的权重是否足够获得权限。不同用户可以通过协作策略进行协作,获得较多的权重。T-CAC提供的协作机制使得我们有灵活多样的策略来处理紧急情况。
Access control models usually consider only regular policies and are not appropriate to unusual or exceptional circumstances.For instance,in case of emergencies many users might override the access control system in order to access unauthorized sensitive data which is undesirable. In this paper we introduce a model named Threshold- based Collaborative Access Control (T-CAC). T-CAC specify weights toward permissions.Furthermore,every permission is associated to thresholds.Thresholds determine the required weight submitted by a user to gain the requested permission.This might require collaboration with several users who belong to several roles. T-CAC allow us to better design policies that fit situations,such as emergencies and exceptions,based on possible collaborations.
出处
《微计算机信息》
2009年第3期226-227,128,共3页
Control & Automation
关键词
访问控制
协作
门限
紧急情况
Access Control
Threshold
Collaborative Systems
Emergencies circumstance
