摘要
访问控制是目前解决信息系统安全问题的主要技术。针对传统的基于任务-角色的访问控制策略在系统的安全性、通用性和实用性方面的不足,提出了一种新的基于任务-操作的访问控制模型(T-OBAC),该模型结合了基于任务和基于操作访问控制模型的共同优点,且角色描述更精确、安全性更好、应用更便捷、灵活。对它的基本原理、特点、实施步骤和实现方法等进行了深入研究,并通过一个实际系统开发的例子展示了模型应用的可行性和有效性。
Access control is a main technique to cope with the security problems in information systems. Traditional task-role based access control policy is difficult to satisfy the requirements in security, versatility and practicality. To address that issue a new access control model based on task and operation, called as Task-Operation model (T-OBAC) , was introduced. The model combines the advantages of task-based model and accessing operation-based model together with more precise depiction of role, and is better in safety, more convenient and flexible. Its fundamental rationale, characteristics, implementing procedure and approach, etc. were elaborately analyzed. Finally, a real case of system development was carried out and the demonstration of the feasibility and validity of the model' s application was shown.
出处
《计算机应用与软件》
CSCD
2009年第6期77-79,共3页
Computer Applications and Software
基金
陕西省国际科技合作重点项目(2006KW-21)
陕西省教育厅产业化重点项目(05JC27)
