摘要
描述了访问控制和逻辑的关系,并将访问控制授权判决问题归约成逻辑蕴涵问题;总结了基于逻辑的访问控制的基本逻辑问题,即逻辑基础、可判定性和安全性分析;分析了一些访问控制模型的基本逻辑问题,包括基于身份的访问控制模型、基于信任管理的访问控制模型和基于属性的访问控制模型;指出了结构化属性描述能力和安全性分析是基于逻辑的访问控制需要进一步研究的问题。
This paper addressesd the relation between access control and logic, reduced authorization decision to logic containment, and studied the basic logical issues of access control, namely logical foundation, decidability and security analysis. Then, the paper researched the basic issues of some access control models, which include identity based, trust management based and attribute based access control model. Lastly, the paper discussed the research direction of the logic-based access control, which includes structure attribute logic and security analysis.
出处
《计算机科学》
CSCD
北大核心
2009年第4期42-46,共5页
Computer Science
基金
国家高技术研究发展计划(863)(No.2007AA01Z471)资助