
Security Analysis and Application of RBAC-Based SoD in Workflows

The Security Analysis and Apply of RBAC-based SoD in Workflows
Abstract: In RBAC, Separation of Duty (SoD) constrains user-role authorization to protect sensitive information from fraud due to conflicts of interest. SoD constraints are commonly defined by mutually exclusive roles (MER). This paper proposes practical computational techniques for analyzing SoD by integrating the workflows of enterprise processes into the RBAC framework. It presents an algorithm for generating MER and a verification algorithm that checks whether a given RBAC state satisfies an SoD constraint. The paper discusses the details of the approach and illustrates its use in an application.
Source: 《微计算机信息》 (Control & Automation), 2009, Issue 30, pp. 62-63, 12 (3 pages)
Keywords: role-based access control (RBAC); separation of duty (SoD); workflow; roles
