摘要
以角色为中心的RBAC(Role-Based Access Control)访问控制在应用系统权限设计过程中发挥着关键的作用。随着系统规模的不断扩大,传统的Web应用中所使用RBAC模型在检索效率、权限维护等多方面已经严重制约了系统扩展和性能提升。为改善这一现状,特引入了REST(Representational State Transfer)架构风格。本着以资源为中心的设计理念,通过对RBAC模型的深入理解以及对传统风格下RBAC模型缺陷的详细分析,提出一种全新的适用于REST风格的RBAC模型,并对其高效性作出了数学论证。
The role-centred RBAC access control plays a key role in the process of permission management design in application system. With the constant expansion of the application scale, both search efficiency and permission maintenance problems of RBAC model used in tra- ditional Web application occurred, which had severely limited the scalability and performance of the system. To meliorate the situation, REST architectural style is introduced. Based on resource-centred designing conception, by thorough understanding of the RBAC model, and through analyzing the drawbacks of traditional RBAC model in detail, a brand new RBAC model suitable for REST style is established, and a mathematical proof is given in order to demonstrate its high efficiency.
出处
《计算机应用与软件》
CSCD
2009年第9期162-164,共3页
Computer Applications and Software
关键词
RBAC
架构风格
REST
以资源为中心
Role-based access control (RBAC) Architectural style Representational sate transfer (REST) Resource-centred
